Comments on: NOA: Novell Access Manager http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/ Also known as "Open Source Advocacy with Reverend Ted" Wed, 06 Jan 2010 01:41:09 +0000 http://wordpress.com/ hourly 1 By: Peter Van Lone http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/#comment-1951 Peter Van Lone Fri, 20 Oct 2006 02:57:44 +0000 http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/#comment-1951 Loved the access manager interview. I think this product is going to be a very very strong offering, and am excited to get into it. I do see a couple of glaring weaknesses, especially in the SSL VPN piece. I wonder whether this stuff is going to be addressed somewhere in the road-map: 1)Having the SSL VPN is great, great, great ... but once you have a vpn connection, one of the things people are going to want to do is retrieve/view/open attachments in email and files from file systems. And, as soon as you do that, the user leaves a "footprint" behind on the potentially rogue workstation. Potentially huge security issue. Aventail has an SSL VPN appliance that is able to track and clean-up the remains of a session. And, even if the session crashes, there is no accessible info left behind (it is all encrypted in a blob. To my mind, AM needs this 2)the workstation testing seems weak: we should be able to test workstations for a large and flexible number of factors, including current dat files for anti-virus programs, etc ... the testing is kind of clunky and inflexible. Any chance of seeing this functionality is the future? Loved the access manager interview. I think this product is going to be a very very strong offering, and am excited to get into it. I do see a couple of glaring weaknesses, especially in the SSL VPN piece. I wonder whether this stuff is going to be addressed somewhere in the road-map:

1)Having the SSL VPN is great, great, great … but once you have a vpn connection, one of the things people are going to want to do is retrieve/view/open attachments in email and files from file systems. And, as soon as you do that, the user leaves a “footprint” behind on the potentially rogue workstation. Potentially huge security issue. Aventail has an SSL VPN appliance that is able to track and clean-up the remains of a session. And, even if the session crashes, there is no accessible info left behind (it is all encrypted in a blob. To my mind, AM needs this

2)the workstation testing seems weak: we should be able to test workstations for a large and flexible number of factors, including current dat files for anti-virus programs, etc … the testing is kind of clunky and inflexible.

Any chance of seeing this functionality is the future?

]]> By: Raymon Epping http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/#comment-1868 Raymon Epping Wed, 18 Oct 2006 11:46:02 +0000 http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/#comment-1868 Yesterday evening I was listening to the podcast and I found it very, very interesting. Lee is a good speaker ane he gave some very useful information regarding AM3. I especially liked the real-life examples he gave, for instance the IDM3/AM3 combination. I would love to know / hear some more about that. Yesterday evening I was listening to the podcast and I found it very, very interesting. Lee is a good speaker ane he gave some very useful information regarding AM3. I especially liked the real-life examples he gave, for instance the IDM3/AM3 combination. I would love to know / hear some more about that.

]]> By: THE IDENTITY GANG / NOA: Novell Access Manager http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/#comment-1790 THE IDENTITY GANG / NOA: Novell Access Manager Mon, 16 Oct 2006 16:58:35 +0000 http://reverendted.wordpress.com/2006/10/16/noa-novell-access-manager/#comment-1790 [...] Original post by Ted Haeger and reblogged using an RSS aggregator at The Identity Gang BlogReGator [...] [...] Original post by Ted Haeger and reblogged using an RSS aggregator at The Identity Gang BlogReGator [...]

]]>