Novell Secure Access™: Overview and Competitive Comparisons


Novell Secure Access™: Overview and Competitive Comparisons. Novell BrainShare 2002. Gabriel Waters, Product Manager, Novell, Inc., GWaters@novell.com. IO122—Novell Secure Access: Overview and Competitive Comparisons

Vision…one Net: A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries. Mission: To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world.

Many Systems, Many Accounts. Diagram labels: hp-ux; OS/390.

Business Problem: Multiple Accounts = Multiple Logins

Business Problem: Simple Passwords Are Not Secure Enough Anymore

Business Problem: Inherent Vulnerabilities. Diagram labels: Unix admin; Web users; Users; Apps admin; DMZ; NetWare; Apps; Web server; NetWare®/NT admin; Apps; AIX, Solaris, HP-UX, Linux, etc.; Web server; NT/2000; OS/390 Admin; Access Control server; VPN, Dial-up, Wireless users; OS/390; Web admin.

Business Problem: Old Administrative Model Breaks Down. Overwhelmed admin(s); out-of-date user profiles; more and more applications; employees, suppliers, customers, partners, etc.; cannot handle all the requests – meltdown. Basis for access, authentication and authorization. Huge security risk created with identities in multiple environments. Cost of change unmanageable. A new administration model had to emerge.

Business Problem: Support Costs Are Increa$ing. The typical user spends as much as 44 hours per year performing multiple login tasks to access 4 applications (a 1996 study by the Network Applications Consortium). Most users can’t remember more than 3 passwords, yet are expected to remember 6 or more (Steven Foote, director of strategic research at Hurwitz Group). More than 30% of help desk costs are password related (Giga, Renee Woo, March 2001). Password management costs between $200 and $300 per user each year (IDC).

Paradise. Manage only one account for each user; reduce administrative and support costs; eliminate passwords; increase security; provide secure eBusiness, enterprise, and legacy integration.

Access vs. Provisioning: eBusiness Infrastructure Convergence. Diagram labels: eProvisioning; User provisioning; User access management; Content management and personalization; Next-generation portal; Rapid convergence; March 2001.

Strategic Planning Assumptions: The directory services market will cease to be an independent, identifiable market segment by YE2003 (0.8 probability). User access management will cease to be an independent, identifiable market segment by YE2004 (0.7 probability).

There is a convergence in the market today. This isn’t new; it is a continuation of a process that has been going on since the mid-1990s. Functionality that used to be segmented is now coming together as technology becomes more flexible, more comprehensible and more versatile. This is the essence of one Net: the merging of capabilities that once were disparate to create an environment and experience that is simpler for the user, more accessible for the user, and therefore more productive for the user.

There is a convergence in the foundation infrastructure for e-business being driven by the requirements of e-business. Three major functionality areas are converging (vendors and product convergence are discussed on the following page): user provisioning solutions, user access management solutions and content management and personalization services. The intersection of all three can be described as a “next-generation portal” or an “e-business platform”, depending on your perspective. In the slide above, the role of directory services is encompassed by the circle labeled “user access management”. The role of metadirectory (connectivity engine) solutions is encompassed by the “user provisioning”.

Very few vendors have a product offering that provides the intersection of all three of these functional requirements. The Sun-Netscape alliance suite of products is one example, providing portal, directory, user management, delegated administration, PKI and metadirectory capabilities. Novell is another vendor with all of the pieces, but faces significant challenges in marketing a consistent solutions-focused message to a business audience rather than a series of independent technology messages to a technical audience. The first of these three functional areas to disappear will be the user access management solution, which we believe will merge into content management and personalization services (e.g. portal solutions) within the next three years.

What to Look for in an Access Management Solution. Intranet and extranet single sign-on; account provisioning; authentication and authorization management; advanced authentication support; directory-enabled; centralized administration; mobile and wireless user support; support for all data stores and security systems; customizable; broad platform support; market leadership.

The Secure Access Solution. Managing authentication and authorization for web, wireless, dial-up, VPN, and client users to provide secure access and single sign-on to applications, databases, and platforms.

What Is the Secure Access Solution? A soft bundle of existing Novell products that have/are being further integrated on a common architecture, to create a scalable, reliable, and secure infrastructure for Novell and third-party Secure Access products.

The Novell Solution

Solution: Novell Secure Access™—Managing Access and Identity for… Diagram labels: Advanced Authentication: PKI, Smart Cards, Biometrics, Proximity Cards, Tokens, etc.; Novell eDirectory™; Databases; Enterprise Security, Firewall, VPN, Dial-up, Forward Proxy; Web Security, SSO, Reverse Proxy; External Web, Wireless, Dial-up, VPN; Applications: Web, Win32, Citrix, and Host-Based; Platforms/NOS: NetWare, Windows, Solaris, HP-UX, AIX, Linux, OS/390.

Secure Access for Applications. Diagram labels: Novell eDirectory; Novell SecureLogin: Enterprise single sign-on; Applications: Web, Win32, Citrix, and Host-Based.

Secure Access for Platforms. Diagram labels: NDS-Authentication Services: Account Management; Novell eDirectory; OS/390; Tru64 UNIX; NetWare; AIX; NT/2000; HP-UX; Solaris; Linux; AS 400 (Coming).

Secure Access for the Web. Diagram labels: Advanced authentication: PKI, Smart Cards, Biometrics, Proximity Cards, Tokens, etc.; Novell eDirectory; Databases; iChain® security, SSO, Reverse proxy; External web; Applications: Web, Win32, Citrix, and Host Based; Web applications and servers; Platforms/NOS: NetWare, Windows, Solaris, HP-UX, AIX, Linux, OS/390.

Secure Access for the Enterprise. Diagram labels: BorderManager®; Novell eDirectory; Enterprise Security, Firewall, VPN, RADIUS Server, Forward Proxy.

Secure Access for Advanced Authentication. Diagram labels: Advanced authentication: PKI, Smart Cards, Biometrics, Proximity Cards, Tokens, etc.; Novell eDirectory; Novell Modular Authentication Service (NMAS™).

The Novell Solution

Secure Access for Applications. Diagram labels: Novell eDirectory; Novell SecureLogin: Enterprise single sign-on; Applications: Web, Win32, Citrix, and Host-Based.

What Is Novell SecureLogin? A password management solution that single sign-on enables Windows, web, Citrix/Terminal Server, and host-based applications.

Novell SecureLogin Benefits. Simplifies the end-user experience: user only logs in once; significantly reduces support costs. Secures access to applications: users don’t have to remember many/weak passwords. Accelerates authentication: users are more productive.

eDirectory Enables Single Sign-on. Securely store passwords in eDirectory. Diagram label: Novell eDirectory.

The Password Management Solution. For on-demand presentation to applications. Diagram label: Novell eDirectory.

How It Works: Login Experience—Before NSL. 1) Launch application. 2) Credential challenge. 3) Provide credentials. 4) Application starts. Diagram labels: Client workstation; Login ID / Password prompt; Application server; Novell Directory Services® (NDS®).

How It Works: Login Experience—With NSL. 1) Authenticate to eDirectory. 2) Launch application. 3) Credential challenge. 4) NSL requests secret from eDirectory. 5) NSL receives secret (ID/PWD) from eDirectory, then authenticates to application. Diagram labels: Client workstation; Login ID / Password prompt; Application server; Novell eDirectory.

Secure Access for Platforms. Diagram labels: eDirectory-Authentication Services: Account Management; Novell eDirectory; OS/390; Tru64 UNIX; NetWare; AIX; NT/2000; HP-UX; Solaris; Linux; AS 400 (Coming).

Current Offering OS Account Local Redirect Provision Sync Auth Password OS/390 NDS-AS Solaris NAM NAM/NDS-AS Linux AIX WinNT DirXML™ DirXML Win2K NAM/DirXML HP-UX Tru64 UNIX SolarisX86 OpenVMS AS/400 NetWare

Spring ’02 Release will Have… OS Account Local Provision Sync Auth Redirect Password OS/390 ASAM 3.0 Solaris Linux AIX WinNT NA Win2K HP-UX Tru64 UNIX ASAM 3.1 SolarisX86 OpenVMS AS/400 NetWare NR

What Is Novell Account Management? Account integration for user and group accounts and password synchronization on NetWare, Windows, UNIX, Linux and MVS platforms.

What’s the Value of Novell Account Management and NDS-AS? Simplifies: reduces the complexity and cost of managing passwords for Windows, UNIX and MVS systems and applications. Secures: provides integrated security with unified passwords, single login, universal access controls, and distributed policies from the user’s platform of choice. Accelerates: allows for flexible management so that administrators in corporate offices or decentralized branch offices can manage their respective user IDs in a corporate-wide system.

What is Novell Account Management and eDirectory Authentication Services? Redirection. Novell Account Management (NAM): redirect security account manager (SAM) registry to eDirectory; redirect /etc/passwd, NIS, NIS+ to eDirectory using Pluggable Authentication Module (PAM). NDS Authentication Services (NDS-AS): redirect RACF and ACF2 (OS/390) security systems to eDirectory; redirect /etc/passwd, NIS, NIS+ to NDS using Pluggable Authentication Module (PAM). Synchronization. Novell Account Management: DirXML™-based, specialized configuration for Active Directory. Future offerings.

Cross Platform and Application Support. Platforms: NetWare (NetWare® 5), Windows NT, Windows 2000, Solaris, Linux, Tru64 UNIX, AIX, HP-UX, OS/390, FreeBSD. Applications: Internet Information Server, Apache Web Server, RADIUS, IMAP, POPd, SSH, Simple API for custom applications.

How Does Windows NT Redirection Work? Diagram labels: Windows NT workstation; eDirectory server; Windows NT server; Applications; eDirectory; SAMLIB.DLL; RPC; NDS for NT SAMSRV.DLL; Novell Client for Windows NT; SAM; Domain namebase; NDS.

How Does NDS-AD Synchronization Work? Diagram labels: Windows 2000 Server; Client Workstation; eDirectory server; Applications; MS Active Directory; eDirectory; DirXML; Management Utilities.

How Does PAM Redirection for UNIX and Linux Work? Diagram labels: Workstation; eDirectory server; Windows NT server; Applications; eDirectory; LDAP; Client SYS, FTP, Login, ?; SSL; PAM; NDS-AS AuthClient; eDirectory Registry; /etc/passwd/, NIS, NIS+.

How Does MVS Redirection Work? Diagram labels: Terminal/workstation; eDirectory server; OS/390 server; Applications; eDirectory; Applications DB2, TSO, IDMS, ?; RACF API, SAF; NDS-AS; SSL, TCP/IP; AuthClient; eDirectory Registry; RACF/ACF2.

Providing ROI. According to the Bangkok Post 2/09/2000: The value of single sign-on cannot be argued with, but its costs and implementation time can skyrocket for large companies with heterogeneous environments and different user needs. A survey by the Securities Industries Association of Washington, D.C. found that users spent on average 44.4 hours a year just “logging in”. With NDS-AS they would have spent only 11.1 hours. To quantify, this would represent a saving of over $800,000 for a 1,000-user company.

Secure Access for the Web. Diagram labels: Advanced authentication: PKI, Smart Cards, Biometrics, Proximity Cards, Tokens, etc.; Novell eDirectory; Databases; iChain security, SSO, Reverse proxy; External web; Applications: Web, Win32, Citrix, and host based; Web applications and servers; Platforms/NOS: NetWare, Windows, Solaris, HP-UX, AIX, Linux, OS/390.

What Is iChain? iChain v 1.5 is a directory enabled security and management infrastructure that provides the foundation for secured eBusiness solutions.

iChain Internet Caching Server. Primary access point for all users into the infrastructure using enhanced Reverse Proxy technology. Provides single sign-on to web resources. Provides acceleration with Cache Object Store (COS). Maintains data confidentiality (SSLizer): forces SSL between browser and proxy; HTTP between proxy and web server; On/Off per accelerator.

Primary Access Point. Enhanced Reverse Proxy technology with Multi-Homing (single public IP address to multiple backend web servers). Path Based Multi-Homing (URL forwarding): redirect to a specified web server based on the URL suffix; “www.novell.com/web1” and “www.novell.com/web2” will redirect to different web servers while maintaining the secured connection. Secured browser to proxy communications using SSLizer. Diagram labels: Browser; SSL; iChain Proxy; Web Servers.

Authentication Service. Standard browser-based access: username and password over HTTPS; can authenticate with UserID, e-mail or any LDAP field. Multiple authentication methods: one time passwords (within the same DNS domain); X.509 certificates; future integration with NMAS (Novell Modular Authentication Services) will provide additional methods including Smart Card, Token and Biometric. Multi-factor authentication: combination of authentication methods. Contextless Login.

iChain Authentication Process. Authentication: 1. Request for data. 2. Authenticated?—check table. 3. Check the authentication policy. 4. Authentication policy. 5. Request for authentication. 6. Authentication (password, certificate). 7. User validation. 8. Access policy determined. 9. Authentication token to browser (memory). 10. Access policy enforced. 11. Request for data: passed on to cache. 12. Request for data: passed on web server. Diagram labels: user; Browser; Authentication Proxy; eDirectory; Web Servers.

Single Sign-on to Web Resources. iChain will forward (optional) a user’s logon name and password in the HTTP Authentication Header. Any web server using basic authentication will accept the credentials and authenticate the user. OLAC provides an option to use different logon credentials (name and password). Two fields have been added, “ICHAIN_UID” and “ICHAIN_PWD”, which can be mapped to any LDAP attribute.
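The credential forwarding described on this slide, read together with the earlier slide's plain-HTTP leg between proxy and web server, as an added Python sketch (not iChain code). The directory attribute names, the mapping shape and the backend URLs are hypothetical; only the field names ICHAIN_UID and ICHAIN_PWD come from the slide.

```python
import base64
from urllib.parse import urlsplit

# Constructed directory entry. Attribute names are hypothetical; only the
# field names ICHAIN_UID and ICHAIN_PWD come from the slide.
SAMPLE_ENTRY = {"cn": "jdoe", "mail": "jdoe@example.com",
                "appLogin": "JD0042", "appSecret": "s3cr:et"}

# Mapping of the two forwarded fields to LDAP attributes (assumed shape).
SAMPLE_MAPPING = {"ICHAIN_UID": "appLogin", "ICHAIN_PWD": "appSecret"}


def resolve_credentials(entry, mapping):
    """Look up the attribute values that feed ICHAIN_UID and ICHAIN_PWD."""
    values = {}
    for field in ("ICHAIN_UID", "ICHAIN_PWD"):
        attr = mapping.get(field)
        if attr is None or attr not in entry:
            raise KeyError(f"{field} is mapped to a missing attribute: {attr!r}")
        values[field] = entry[attr]
    return values["ICHAIN_UID"], values["ICHAIN_PWD"]


def basic_header(user_id, password):
    """Build a Basic credential. A colon in the user ID would shift the
    user/password boundary at the receiving server, so reject it."""
    if ":" in user_id:
        raise ValueError("user ID must not contain ':' for Basic authentication")
    token = base64.b64encode(f"{user_id}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def decode_basic(header_value):
    """What the origin server, or anything that can read the request,
    recovers from the header: base64 is an encoding, not encryption."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user_id, _, password = base64.b64decode(token).decode("utf-8").partition(":")
    return user_id, password


def forward(entry, mapping, backend_url):
    """Return the headers the proxy would add plus any review findings."""
    user_id, password = resolve_credentials(entry, mapping)
    headers = {"Authorization": basic_header(user_id, password)}
    findings = []
    if urlsplit(backend_url).scheme.lower() != "https":
        findings.append("directory-held password crosses the proxy-to-server "
                        "leg in recoverable form: " + backend_url)
    return headers, findings


if __name__ == "__main__":
    for url in ("http://web1.internal.example/app",
                "https://web2.internal.example/app"):
        hdrs, notes = forward(SAMPLE_ENTRY, SAMPLE_MAPPING, url)
        print(url, decode_basic(hdrs["Authorization"])[0], notes or "no findings")
```

The finding fires for any accelerator whose backend leg is plain HTTP, which is the case to review when the forwarded password is the user's directory password rather than a per-application secret.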

Data Confidentiality Service. Uses SSL encryption between browser and iChain server. Provided by the SSLizer. Secure transparent encryption. Eliminates need to use SSL service on web servers. Easy to set up. Performance boost for web servers: offloads web servers from having to run SSL encryption. No-Cache Setting.

Authorization Service. Authorizes access requests based on rules stored as objects in eDirectory. Leverages the eDirectory hierarchy and inheritance mechanisms. Cached on iChain ICS server for improved performance. “Public Access” can be allowed with no authentication point. Access Rules may be assigned to: Communities; Groups; Users; Containers (O, OU, etc.).

Secure Access for Advanced Authentication. Diagram labels: Advanced Authentication: PKI, Smart Cards, Biometrics, Proximity Cards, Tokens, etc.; Novell eDirectory; Novell Modular Authentication Service.

What Is Novell Modular Authentication Service (NMAS)? A single, cost-effective point of administration for managing, grading, and accessing all biometric, smart card, token, and digital certificate authentication to your enterprise.

NMAS Benefits. Simplifies strong authentication: manage multiple authentication methods centrally. Secures authentication: encrypts authentication material; provides an alternative to passwords. Accelerates authentication: can automatically authenticate users.

NMAS Supported Methods. Passwords: eDirectory password, simple password; Enhanced password. Token: ActivCard, Vasco, RSA, SecureComputing. X.509 v3 Certificate: Entrust, Verisign, Baltimore, XCert, etc. Smart Card: ActivCard, Arcot, Data Card, SPYRUS, RSA, etc. Biometric (fingerprint, face, voice, iris, etc.): Applied Biometrics, BAC, BioID, Biometricate, DNP, Identix, Iridian, Saflink, SecuGen, System Needs, Visionsphere, others.

Multifactor Authentication. Password OR Biometric OR Biometric and Smart Card OR Password and Biometric and Smart Card OR Something else.

What Is an NMAS Method? Methods are digitally signed code for enabling and securing communication between authentication device and eDirectory. Only signed methods are loaded by NMAS server: allows management of methods between vendors; provides integrity check. Novell does not represent the quality of any login method it signs: you must determine the suitability of a login method for your security policy; perform due diligence on business and technical strengths of NMAS partner company.

Universal Smart Card Method. Supports Digital Certificate Authentication via PKCS#11 (GemPlus, Bull, Schlumberger, SPYRUS, etc.) and vendor specific Crypto Service Provider (CSP). Validation: CRL (Certificate Revocation Lists); Certificate Date Validity; Intermediate Certificate Authorities; Trusted Root Certificate Authority; OCSP Validation coming.

Advanced X.509 Certificate Method. Supports Digital Certificate authentication via CAPI (where Internet Explorer stores the keys) and PKCS#12 (standard for protecting private key in a file). Validation: CRL (Certificate Revocation Lists); Certificate date validity; Certificate chain. Supports authentication via any PKCS#12 digital certificate.

Entrust Method. Supports authentication via Entrust Profile and Entelligence Client. Validation: CRL (Certificate Revocation Lists); Certificate Date Validity; Certificate Chain.

Enhanced Password Policy Method. Enforce strong password policy for eDirectory authentication: dictionary search; case sensitive; minimum character requirements (alpha and numeric); minimum case requirements. Managed from same password policy object as SSO.

Workstation Access Method. Allows Administrator to control how system behaves after inactivity. Support for automatic logout when smart card is removed: can lock workstation OR can logout user entirely. Configurable for individual users. Enforced by administrator.

RADIUS Server. Available in NMAS 2.0 Enterprise Edition. Supports several token devices, including ActivCard ActivToken, RSA SecurID, VASCO DigiPass. Supports Challenge Handshake Authentication Protocol (CHAP). ConsoleOne® Snap-ins to manage the Radius Server Configuration. Can migrate BorderManager 3.5 Radius Configuration to the NMAS Radius Configuration. The Radius Server is a NetWare only feature.

Graded Authentication. Diagram labels: Sales Data; Research Data.

Partners. Consulting partners; Security Partners; Protocom.

Solution: Novell SecureAccess—Managing Access and Identity for... Diagram labels: Advanced Authentication: PKI, Smart Cards, Biometrics, Proximity Cards, Tokens, etc.; Novell eDirectory; Databases; Enterprise Security, Firewall, VPN, Dial-up, Forward proxy; Web security, SSO, Reverse proxy; External web, wireless; Applications: Web, Win32, Citrix, and host based; Platforms/NOS: NetWare, Windows, Solaris, HP-UX, AIX, Linux, OS/390.

Feature Comparison Legend. “+”: Strong or has an advantage relative to the other players (Value = 1 point). “=”: Average relative to other players (Value = 0 points). “-”: Weak or has a disadvantage relative to other players (Value = -1 point).

Secure Access Compared. Trying to get third-party software to work securely as one requires time and integration. Integration costs money, thereby lowering ROI. Novell Secure Access ties multi-vendor, complex systems together to improve security, reduce costs, and simplify administration.

Managing User’s Access. Regardless of where users are authenticating from, whether it is the web, wireless, dial-up, VPN, or traditional legacy environments, we can integrate and manage the identities of all those users: secure authentication; consistent enforcement of access control rules; single sign-on; strong audit trail. Novell can do this for Novell and third-party products to provision and control access to all applications, databases, platforms, and network resources.

Secure Business Portal Solution Case Study: Sesame Workshop. Slide columns: Challenge; Solution; Business Benefits; Rapid Timeframes. Sesame Workshop’s employees and partners worldwide needing real-time web access to information. Scalable solution to be extended to customers and partners. Personalized and secure access for users. Securing a heterogeneous environment: Microsoft Exchange, Microsoft Outlook, Sun, Oracle, Cognos, Computron, etc. Several username and passwords. Novell viewed as long term business partner and advisor. iChain: secure Microsoft Outlook web servers provide single sign-on. Novell Account Management: password sync between NT domain and eDirectory. DirXML: sync data using XML. Eliminate multiple username/password prompts when users accessed the system. Increase the security of user information. Provide easier and more secure access to information. Extend the lifetime of existing applications thereby eliminating the need for new application development. Reduce cost of administration. Immediate password reset. ROI. Execution of the one Net vision vs. false promises from other vendors. Rapid Timeframes diagram labels: 2 Week; 2 Weeks; Requirements Assessment; Design; Development. Contact Information: Harold Moore, Richard Pace.

Secure Business Portal Solution Case Study: Taipei County Government. Slide columns: Challenge; Solution; Business Benefits; Quote. Challenge: Taipei County Government was facing two challenges: limited protection of network resources and insufficient management of user accounts. Access to confidential data and applications was only protected by a password. Multiple accounts with passwords. TCG employees were spending 71 hours per week, on average, trying to access their applications. Solution: Novell Modular Authentication Service provided the infrastructure to effectively manage passwords, biometrics, and smart cards, all of which are used by TCG. Novell Account Management unified the account management for TCG’s Solaris, Linux, and Windows NT/2000 systems. ZENworks® proactively manages the desktop, applications, and virus updates. Business Benefits: TCG employees have just one userID to remember. TCG employees only need to login when additional levels of security are required. TCG has a holistic security solution that addresses the main weaknesses within enterprise networks. TCG administrators manage just one account, and one security policy, for each user. Quote: “Novell’s proven track record in security made it an easy choice” – Jang-Ming Young, TCG Security Project Manager. “Novell has helped to not only create additional security throughout the TCG network but also save countless dollars, vast amounts of time, and numerous resources,” Young said. “We feel we got the best security and network management solution on the market.” Contact Information: Barry Chen, Sara Levine.