Re: Novell BorderManager

["-= ArkanoiD =-" <ark () mpak convey ru>]

nuqneH,

> From: Tyrrell Kevin <tyrrell () foremostsales com>
> To: "'Firewall Wizards'" <firewall-wizards () nfr net>
> Subject: Novell BorderManager
> Date: Fri, 21 Nov 1997 13:31:01 -0500

[dd]

> Has anyone had any experience with Novell's BorderManager product? I am
> specifically interested in its use as a bastion host between the
> Internet and an internal network.

Not a bad thing especially if your internal network is Windows/Netware.
It allows users to authenticate at Netware server and can authorize their
actions on that basis (iirc it can tunnel ip over ipx and there is modified
winsock.dll that allows standard winsock applications to work without "real"
ip on the net)..

Its http proxy is caching one (based on squid code) - and it does support
CyberNOT list.

All that makes BorderManager one of the best solutions for limiting access
_to_ internet for some users if necessary.

> I asked this question a couple of months ago and didn't get much of a
> response. Some of the responses said BorderManager isn't recognized as a
> firewall product. However it provides application proxies, a circuit
> level gateway, packet filtering and VPN.

.. but nowbody knows if it is really good from security viewpoint. It is
new product and there is not much information on possible internal problems.

> Novell also offers trade-in
> upgrades to BorderManager from several of the top tier "big name"
> firewall products. So I feel it does have some firewall characteristics.
> How good these characteristics are is what I am trying to find out.

Depends on what you need. (as any other firewall product)
--- 
                                       _     _  _  _  _      _  _
   Must be a visit from the dead..     _| o |_ | | _|| |   / _||_|   |_ |_ |_
   CU in Hell ..........  Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|