You could have the best product in the world, but without any backers, it's pretty much useless. That's why Novell has been so busy picking up partners to support Novell Directory Services (NDS). Fortunately, the company's partnerships with key network vendors are on track, meaning network executives should be able to implement
NDS-enabled policy-based applications by year-end.
So far, Novell has signed with Lucent, Nortel Networks, Cabletron, IBM, Oblix and a host of other smaller companies. While some of the vendors, such as Lucent, have agreed to license NDS -- which means the company will ship a version of the directory with its NDS-enabled switches -- other companies are simply modifying their devices to work with the directory.
The big holdout has been Cisco, which has had an exclusive agreement to license Microsoft's Active Directory Services for more than two years. Even though ADS isn't expected to ship until the fall, Cisco has said it will still not license NDS. However, Cisco is working on switches, routers and other products that will integrate with NDS, according to Jim Turner, senior manager for network management partnerships and standards at Cisco. Roughly translated, that means he's the guy who's managing Cisco's directory-enabled networking for enterprise customers.
Turner and some industry analysts claim that actually licensing NDS isn't necessary for Cisco to support the directory.
"I would like to see Cisco network services for NDS as well as Cisco network services for Active Directory," says Jamie Lewis, president of The Burton Group. He says he doesn't care how Cisco actually does it. "If they license it, fine. If they don't license it and just write to it, fine," he says.
Without a doubt, Cisco's failure to spell out its position on NDS until recently has left the door wide open for competitors to grab the spotlight.
Lucent eyes integration
Lucent was the first big network vendor to sign on for NDS. The company is taking a more far-reaching approach with Novell, actually licensing NDS so that Lucent can get down into the deepest layer of code for optimal integration.
"The general thrust is to incorporate directory capabilities into a number of our products," says Paul Parker-Johnson, product line manager at Lucent's LAN Systems Group for policy-based networking and network management.
So far, Lucent has agreed to integrate NDS with several products. The first, which is going into beta now and will ship in the fall, is called RealNet Rules.
RealNet Rules is a policy server that employs a graphical user interface to apply quality of service (QoS) and security policies to people culled from the NDS directory server. The rules are stored in the NDS directory server.
Technically, the rules are put in place by using a Lightweight Directory Access Protocol (LDAP) interface between the RealNet Rules policy server and the directory server. To apply the policies to network devices, you click an activation button and the policies are sent from NDS to the network devices. The devices then apply the policies to the traffic flowing through the routers and switches on the network.
RealNet Rules is installed as an application on Windows NT or Solaris, usually in a network management center. NDS can be on the same server or on a server locally accessible to it.
Lucent says RealNet Rules will be able to work with all devices in the Cajun switching family of multilayer LAN switches, as well as Cisco Layer-3-capable devices equipped with IOS Version 11.2 or higher. The switching products are expected to ship in the third quarter.
Parker-Johnson says Lucent will announce integration with other devices, including Lucent's WAN switches. With management in mind, Lucent is integrating NDS and LDAP into its QIP IP Address Manager. QIP IP Address Manager is a tool that lets network managers set up systems for grouping and allocating IP addresses throughout networks. The QIP product came from Lucent's acquisition of Quadratek Systems last year.
QIP IP Address Manager is shipping now, and its cost is based on the size of the server and the number of addresses in your network. QIP starts at a few thousand dollars and can go up to $100,000 for very large enterprise networks, Parker-Johnson says.
Lucent's most innovative tie-in with NDS is NDS' integration with Lucent's Definity enterprise voice switching product line. This integration means objects such as user names, application names or policy rules can be stored once in a directory system and reused by a variety of different network products.
Lucent also plans to use NDS in its Intuity line of integrated messaging servers in the same way.
One goal is to integrate diverse network systems into a common information infrastructure, which should simplify administration. Also, network managers should be able to deploy new services faster by using a common directory.
Nortel has a joint development and marketing agreement to integrate NDS with Nortel's Optivity Policy Services policy management application suite. Users will be able to deploy QoS by tying NDS' user information to Nortel's gear. The product will work with any routers using BayRS 13.20 or Cisco 11.0 routing codes.
Nortel will bundle NDS with the Optivity suite, which is slated to ship this month. The first version will list for $25,000 and will control multiple servers.
According to Michael Simpson, director of strategic market planning at Novell, more than 400 applications are being developed to work with NDS directly. He points out that many other applications that use an LDAP interface will also interoperate with NDS.
"We can take the technology that previously was dependent upon IP and now configure it by a user's identity. So we move from the physical to the logical, and the logical is more consistent and more flexible," Simpson says.
Some other major NDS partners are Oracle, IBM, Tivoli, Texas Instruments (TI), Dell, Compaq, AT&T and other international telecommunications companies.
Cabletron has agreed to integrate its Spectrum management services with NDS, although no shipping date has been set.
IBM will integrate NDS with its Websphere Web server, Oracle will tie in certain databases and Tivoli will work with NDS for software distribution.
Earlier this year, TI announced it will create a software developer's kit to integrate the firm's digital signal processors with NDS. That could mean NDS management of all kinds of portable devices, from cellular phones to handheld computers. Novell's Simpson says 80% of all digital devices shipped in the U.S. last year came from TI and that TI has more than 45% of the global market as well.
Similarly, Oblix is developing software that can use NDS as a general-purpose directory, not just something specific to networking.
"The biggest win for Novell users is that the infrastructure they've deployed over a long period of time can be leveraged in new ways for apps that are more than just network applications," says Ron Palmeri, vice president of business development at Oblix.
One application, Corporate Services Automation, lets you publish information in the directorry to manage directory content for users on intranets and extranets. The lastest Version 3.6, which is NDS-enabled, is in beta and will ship in the third quarter.
This story, "NDS partners are rock solid" was originally published by Network World.