Enterprise Integration A Key Topic at UniForum '97 Conference
Security in a Mixed Environment? The Experts Tell How
By Jean S. Bozman, International Data Corp.
IT managers know the story - they have to manage a wide variety of servers, Internet technology, and support for lots of end users. And they have to do it all while working with a mishmosh of security methods - some based on mainframe technology, some meant for client/server systems, and others designed for use on the Internet.
It's even more of a challenge when IT budgets are tight - and the number of IT personnel is steadily shrinking. But a panel of industry and IT experts will tackle the issue of creating a unified security scheme for enterprise networked servers. Called "Security Issues in a Mixed Environment," the panel discusses security for networks including a variety of servers that run Unix, Windows NT, Novell NetWare, and IBM OS/2 software.
The panel (Wednesday, March 12 at 1:30 pm), is one of 56 sessions that comprise the three day UniForum '97 Conference program. Go to www.uniforum97.com for complete conference and registration information.
What were once isolated "islands" of computing have been connected through client/server computing and Internet/intranet technology into a single resource that is tapped by users inside a company's firewall - and by users outside of it. This trans-corporate capability allows new business models to take shape, but it also threatens such standbys of data-center security as dial-back modems and restricted passwords.
Pointing to user case-studies, the panel's security experts will suggest ways in which managers can create an umbrella of security that surrounds mixed-vendor servers.
Pointing to user case-studies, the panel's security experts will suggest ways in which managers can create an umbrella of security that surrounds mixed-vendor servers. These include security services, single user log-on (or sign-on) to a mixed-server network, cryptography, and security-oriented application programming interfaces (APIs). Specific approaches, such as the Kerberos security software originally developed by MIT, and the Distributed Computing Environment (DCE) from the Open Group, will be described.
A second panel, Mixed Server Integration: Unix, NT, OS/2, NetWare (3:00-4:15 p.m. Thursday), will take a close-up view of connectivity issues facing managers of mixed-server networks today. Users and developers must cope with a wide range of operating systems and APIs, and with varying levels of support for networking protocols. Beyond that, system directories and the underlying file systems on networked servers also vary widely.
End users using browsers to surf the Web may not see much difference between the servers they access. But this transparency to users can't take place unless IT managers pay close attention to interoperability between the systems themselves.
End users using browsers to surf the Web may not see much difference between the servers they access. But this transparency to users can't take place unless IT managers pay close attention to interoperability between the systems themselves. Serious homework must take place first.
The everyday tasks of data processing must still take place behind the curtains of the Internet's Web: Data must be updated in several types of databases and files must be exchanged between the servers. A unified architecture for system management and network management must be in place. And it's up to system developers to paper over the differences between the application servers that populate the network.
Both panels will underline a theme that is faced by thousands of IT managers today: that they cannot afford to standardize on any one type of computer. Any large corporation, government agency or university will require a wide range of applications - and the applications selected will often determine the type of server purchased or leased.
Even the advent of Internet applications, such as those written in Java, will be deployed on a variety of servers that vary in capacity, number of users supported, and price-performance characteristics. In short, one size and type of server will not fit all user communities - nor should it. So, IT managers must be aware of the servers' built-in differences so they can build a security umbrella and management umbrella that will prevent end users from having a rough ride on the corporate intranet.