Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing iChain ® in the Wild: Life beyond the lab Rich Roberts Senior Architect – Novell Consulting Novell Inc. Jim Short iChain Guru – Novell Consulting.

Published byAleesha Lamb Modified over 9 years ago

Similar presentations

Presentation on theme: "Implementing iChain ® in the Wild: Life beyond the lab Rich Roberts Senior Architect – Novell Consulting Novell Inc. Jim Short iChain Guru – Novell Consulting."— Presentation transcript:

1 Implementing iChain ® in the Wild: Life beyond the lab Rich Roberts Senior Architect – Novell Consulting Novell Inc. Jim Short iChain Guru – Novell Consulting Resolution Team Novell Inc.

2 © March 9, 2004 Novell Inc. 2 one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions. The one Net vision Novell exteNd ™ Novell Nsure ™ Novell Nterprise ™ Novell Ngage SM : : : :

3 © March 9, 2004 Novell Inc. 3 The one Net vision Novell Nsure solutions take identity management to a whole new level. Novell Nsure gives you the power to control access so you can confidently deliver the right resources to the right people — securely, efficiently, and best of all, affordably. Novell Nsure ™ Novell exteNd ™ Novell Nsure ™ Novell Nterprise ™ Novell Ngage SM : : : :

4 © January 27, 2004 Novell Inc. 4 The Speakers Jim Short With Novell Support for over 10 years iChain guru since the product was created Border Manager ® and NMAS TM Rich Roberts With Novell Consulting for over 5 years Implenting iChain for customers since 2000 Developer for iChain for over 3 years

5 © January 27, 2004 Novell Inc. 5 Agenda Feature Overview Accelerators Rewriter SSL / SLDAP Authentication Architecture Where do I stick it? Working Examples Secure a web site

6 © January 27, 2004 Novell Inc. 6 What is iChain? Web application single sign on SSLizer Reverse Proxy Load Balancer Authenticator

7 © January 27, 2004 Novell Inc. 7 iChain Schema

8 © January 27, 2004 Novell Inc. 8 The ISO Object

9 © January 27, 2004 Novell Inc. 9 Skill sets required What Skill sets do you need to successfully implement iChain Web Site Development – HTML – Javascript – JSP

10 Architecture

11 © January 27, 2004 Novell Inc. 11 Where to stick it... Well now... What does your DMZ look like? Where do your webbies and security folks say it should go? There are several options and all our valid.

12 © January 27, 2004 Novell Inc. 12 Outside The DMZ

13 © January 27, 2004 Novell Inc. 13 In the DMZ

14 © January 27, 2004 Novell Inc. 14 Inside of the firewall

15 © January 27, 2004 Novell Inc. 15 Your Site Content How to optimize your site to work better with iChain

16 © January 27, 2004 Novell Inc. 16 The PIN List

17 © January 27, 2004 Novell Inc. 17 Sample PIN List Byp a s s Oracle Portal v9 /mail/* /webmail.nsf* Byp a s s Lotus Notes Mail v5 /SAPPortal/* /sapportal/* /sap/* /irj/* /hrnp$30001/* Byp a s s SAP Portal v5 /servlets/psportal/* /servlets/iclientservlet/* /servlets/cs/P8ESS/cache/* *.gif *.jpg *.pdf Byp a s s Mem o r y Peoplesoft Portal /nps/servlet/* Byp a s s NPS /iFolder/* Byp a s s iFolder /*.jsp Byp a s s JSPs /servlet/*Byp a s s iChain Servlets /eMFrame/*Byp a s s iManager /eGuide/*Byp a s s Everyone’s searching rights are differenteGuide URL MaskPIN T y p e Issue with cachingApplication

18 © January 27, 2004 Novell Inc. 18 eDirectory Design

19 Support

20 © January 27, 2004 Novell Inc. 20 Top 10 Support Issues

21 © January 27, 2004 Novell Inc. 21 How to debug problems when Secure Exchange is enabled

22 © January 27, 2004 Novell Inc. 22 Taking Packet Traces from iChain

23 © January 27, 2004 Novell Inc. 23 Exporting a NAS File

24 Demonstrations

25 © January 27, 2004 Novell Inc. 25 Basic Configurations

26 © January 27, 2004 Novell Inc. 26 Load Balancing Web Servers

27 © January 27, 2004 Novell Inc. 27 Access Control Methods LDAP Authentication Radius Authentication SSL Certificate Mutual Authentication

28 © January 27, 2004 Novell Inc. 28 How To Determine which SSO Method to use

29 © January 27, 2004 Novell Inc. 29 iChain and your portal

30 © January 27, 2004 Novell Inc. 30 Secure LDAP

31 © January 27, 2004 Novell Inc. 31 HTTPS between iChain and the web server

32 © January 27, 2004 Novell Inc. 32 Creating a form fill script

33 © January 27, 2004 Novell Inc. 33 Interacting with iChain Telnet Putty FTP X-Session NCP – Drive Mappings

34 © January 27, 2004 Novell Inc. 34 Taking Packet Traces from iChain

35 © January 27, 2004 Novell Inc. 35 Custom Login Pages

36 © January 27, 2004 Novell Inc. 36 Custom Error Messages

37 © January 27, 2004 Novell Inc. 37 Using 3 rd Party Certs Wild Cards Are there any others?

38 User Account Management Modules

39 © January 27, 2004 Novell Inc. 39 Password Management Password Expiration Handling Password Change Handling Password Reset Self Service

40 © January 27, 2004 Novell Inc. 40 Help Desk Modules Helpdesk Account Reset Helpdesk Change Password Helpdesk Check User Status

41 © January 27, 2004 Novell Inc. 41 Self Registration

42 © January 27, 2004 Novell Inc. 42 Configuring the modules

43 © January 27, 2004 Novell Inc. 43 Customizing the Modules

44 Liberty Alliance

45 © January 27, 2004 Novell Inc. 45 SAML and Liberty Services

46 Open Source and Novell Forge

47 © January 27, 2004 Novell Inc. 47 Forge Resources

48 © January 27, 2004 Novell Inc. 48 Novell Cool Solutions

49 iChain FAQ

50 © January 27, 2004 Novell Inc. 50 iChain FAQ Is user name and password in the authentication header from iChain to target servers (IIS/Domino, etc) encrypted? Is the authentication header passed with every page request? Can iChain be configured to force users to authenticate through the iChain proxy server? Is there any way to restrict users from directly accessing web servers that are protected by iChain? Does iChain provide an alternative method of forcing users to authenticate (i.e., web agents loaded on target web servers)? Can iChain be configured to not display the address bar/URL of the application that is being accessed? Is there a configurable item in SAP portal that can hide the address bar/URL from being viewed by the user? Can I turn on Auto Restart After Abend?

51 © January 27, 2004 Novell Inc. 51 iChain Ports

52

53 © January 27, 2004 Novell Inc. 53 General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

Download ppt "Implementing iChain ® in the Wild: Life beyond the lab Rich Roberts Senior Architect – Novell Consulting Novell Inc. Jim Short iChain Guru – Novell Consulting."

Similar presentations

December 29, 2013 Willem Bagchus Master CNE, CLP, MCP Senior SE, Senior Trainer GWAVA Reload.

December 29, 2013 Willem Bagchus Master CNE, CLP, MCP Senior SE, Senior Trainer GWAVA Reload.
Reduce Cost & Complexity Partner logo here Presenters Name (16pt) Presenters Title (14pt) Company/e-mail (14pt) Manage and Deploy Applications using Virtualization.

Reduce Cost & Complexity Partner logo here Presenters Name (16pt) Presenters Title (14pt) Company/ (14pt) Manage and Deploy Applications using Virtualization.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
Nsure ™ Audit Essentials Rick Meredith Software Engineer Novell, Inc. Jaime Brimhall Software Engineer Novell, Inc.

Nsure ™ Audit Essentials Rick Meredith Software Engineer Novell, Inc. Jaime Brimhall Software Engineer Novell, Inc.
Deploying GEE Whiz Enterprise Anti-SPAM for GroupWise ® and NetMail ® Aldo Zanoni Master CNI SM, B.A., B.Ed. Director of Customer Service, Omni Technology.

Deploying GEE Whiz Enterprise Anti-SPAM for GroupWise ® and NetMail ® Aldo Zanoni Master CNI SM, B.A., B.Ed. Director of Customer Service, Omni Technology.
How to Successfully Cluster GroupWise Gregg A. Hinchman Consultant, Hinchman Consulting Ed Hanley Senior Consultant, Novell.

How to Successfully Cluster GroupWise Gregg A. Hinchman Consultant, Hinchman Consulting Ed Hanley Senior Consultant, Novell.
SAN Design Considerations Hylton Leigh Senior Consultant Novell Consulting, UK Stuart Thompson Senior Consultant Novell Consulting, UK.

SAN Design Considerations Hylton Leigh Senior Consultant Novell Consulting, UK Stuart Thompson Senior Consultant Novell Consulting, UK.
How to Implement a Cluster of Clusters Atiq Adamjee Senior Architect Novell, Inc. Brad Rupp Software Engineer Novell, Inc.

How to Implement a Cluster of Clusters Atiq Adamjee Senior Architect Novell, Inc. Brad Rupp Software Engineer Novell, Inc.
Password Management Bill Street, Nathan Jensen, Mike Simpson, Will Peterson Identity Management Engineering.

Password Management Bill Street, Nathan Jensen, Mike Simpson, Will Peterson Identity Management Engineering.
Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen,

Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen,
Studio 5 João Ferreira EMEA Product Specialist (exteNd) Studio Product manager, Novell, Inc.

Studio 5 João Ferreira EMEA Product Specialist (exteNd) Studio Product manager, Novell, Inc.
Developing for Novell ® Nsure ™ SecureLogin Gordon Mathis Senior Software Engineer, Novell Inc.

Developing for Novell ® Nsure ™ SecureLogin Gordon Mathis Senior Software Engineer, Novell Inc.
DIR-835A1 Wireless N750 Dual-Band Router Wireless & Router Product Div. July 2011 D-Link WRPD.

DIR-835A1 Wireless N750 Dual-Band Router Wireless & Router Product Div. July 2011 D-Link WRPD.
August 20, 2006 Delivering Low Latency With IB SUSE ® Linux Enterprise Real Time Moiz Kohari Suse Labs Director Real-Time Systems.

August 20, 2006 Delivering Low Latency With IB SUSE ® Linux Enterprise Real Time Moiz Kohari Suse Labs Director Real-Time Systems.
Document Management with GroupWise ® Gregg Hinchman Consultant Hinchman Consulting Jerry Winkel Novell Escalation Engineer.

Document Management with GroupWise ® Gregg Hinchman Consultant Hinchman Consulting Jerry Winkel Novell Escalation Engineer.
Nsure ™ Audit: Instrumenting Custom Applications Rick Meredith Jason Arrington Nsure Audit Engineering Novell, Inc.

Nsure ™ Audit: Instrumenting Custom Applications Rick Meredith Jason Arrington Nsure Audit Engineering Novell, Inc.
Configuring Novell Account Management with Identity Manager for Linux and UNIX Doug Anderson Product Manager Boyd Wilson Product Architect,

Configuring Novell Account Management with Identity Manager for Linux and UNIX Doug Anderson Product Manager Boyd Wilson Product Architect,
Implementing the DirXML ® Starter Pack on NetWare ® 6.5 Richard Moore, Novell DirXML Engineering Stuart Mansell, Novell Consulting.

Implementing the DirXML ® Starter Pack on NetWare ® 6.5 Richard Moore, Novell DirXML Engineering Stuart Mansell, Novell Consulting.
Implementing Novell iChain ® at the City of Los Angeles Adam Loughran Senior Systems Engineer, Novell Robert Gillette IS Development Manager, City of Los.

Implementing Novell iChain ® at the City of Los Angeles Adam Loughran Senior Systems Engineer, Novell Robert Gillette IS Development Manager, City of Los.
Benefits of a SUSE ® Subscription Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/Email (14pt)

Benefits of a SUSE ® Subscription Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/ (14pt)

Similar presentations

Ads by Google