Differences Between BorderManager 3.8 and Previous Versions
Добавлено: 19 ноя 2003, 05:13
BorderManager 3.8 retains all the feature of previous versions of BorderManager 3.0, 3.5, 3.6 and 3.7, and adds several enhancements:
1. BorderManager 3.8 includes licenses for all components. There is no ‘firewall’ or ‘VPN’ version. This is similar to the old Enterprise Edition versions of BorderManager, and is the same as BorderManager 3.7. The licenses for BorderManager 3.8 will not work with other versions. Optional components, such as the VPN client, and Personal Firewall are only provided with the understanding that you have purchased a BorderManager license for anyone making use of them.
2. BorderManager 3.8 only installs on NetWare 5.1, 6.0 and 6.5. BorderManager 3.8 is the only supported version of BorderManager for NetWare 6.5.
3. BorderManager 3.8 includes VPN clients supported on Windows 98, WindowsME, Windows 2000 and Windows XP.
4. BorderManager 3.8 VPN has been extensively enhanced, and provides far more capabilities than any previous version. BorderManager 3.8 VPN supports IKE-compliant connections, meaning that non-Novell VPN clients and servers that are truly IKE-compliant and industry standard should also be able to make VPN connections to BorderManager 3.8. This includes Linux FreeS/Wan, and clients for Macintosh and even PDA’s.
5. BorderManager 3.7 replaced the old CyberPatrol software with a new SurfControl program, although it still uses the CPFILTER.NLM file name. BorderManager 3.8 also can use SurfControl, though it is no longer supplied on the BorderManager CD. BorderManager 3.7 (with a service pack) and 3.8 can also use N2H2 Sentian Category server.
6. BorderManager 3.8 includes Novell Modular Authentication Services (NMAS) components. NMAS allows for many sophisticated forms of identification/authorization to the network, including token cards, proximity cards, fingerprint scanners, etc, beyond the usual network ID and password.
7. BMAS is replaced with NMAS, giving better RADIUS support.
8. BorderManager 3.8 supports multiple internal mail domains with the Mail Proxy. Previous versions supported only one.
9. Time-based restrictions in access rules can be adjusted in 15-minute increments. Previous versions only allowed one-hour increments.
10. BorderManager 3.8 includes a Personal Firewall. A Personal Firewall is bundled so that remote users connecting via VPN have some measure of protection and do not provide an easy method for hackers to penetrate the network via a VPN-connected host.
11. RAM requirements are higher, especially if SurfControl is being used. The minimum RAM recommendation for a dedicated BorderManager server is now 512MB, 1GB or more preferred. SurfControl recommends an ADDITIONAL 512MB of RAM. In my testing of SurfControl, it used 295MB of RAM, and temporarily doubled that when the update process was running. You should plan for the server to have 1GB or more of RAM.
12. IP Filters and Filter Exceptions can be managed through a browser interface or by using the old FILTCFG program. IP filters and exceptions are stored in NDS in order to make GUI-based management (through iManager) possible. There are numerous ramifications to this change if you are used to using FILTCFG.NLM and are used to backing up and moving filters and exceptions by moving the FILTERS.CFG file. This book does not cover filtering in any great depth, and you should refer to my book “Novell BorderManager: A Beginner’s Guide to Configuring Filter Exceptions” for a thorough explanation. See http://www.caledonia.net and http://www.craigjconsulting.com.