IBM Introduces OS/2 Directory & Security Services Beta Program

AUSTIN, Texas, September 27, 1995 -- IBM today announced it will begin beta
testing for its Directory & Security Services (DSS) for OS/2 LAN Server
4.0. The shipping version of DSS will allow more users to easily and
securely access distributed network resources on an OS/2 Warp Server
network. DSS will integrate LAN Server 4.0 file and print sharing
capabilities with open, scalable networking features based on
industry-standard technology from Open Software Foundation (OSF)
Distributed Computing Environment (DCE) Version 1.1. The beta is scheduled
to be distributed to testers in October.

"Customers want completely secure, multiplatform, enterprise networks,"
said Art Olbert, vice president of LAN Systems, IBM's Personal Software
Products division. "By combining IBM's server operating systems and DCE
technology, the new Directory & Security Services enables customers to
build integrated distributed networks to fill this critical need."

DSS complements IBM's family of scalable, network solutions to meet any
size customer needs. For small businesses and large enterprises, these
products include OS/2 Warp Connect, AttachPak, LAN Server 4.0 and the
recently introduced OS/2 Warp Server, currently in beta testing. "With
this new server product, IBM continues to assert itself as the preeminent
provider of market-leading network system offerings for companies of all
sizes," added Olbert.

DSS Eases Administration of Larger Networks

DSS broadens the scope of OS/2 LAN Server 4.0 and Warp Server by allowing
seamless access for thousands of users and resources. With DSS, users can
access such resources as applications, files, printers and modems,
anywhere in the distributed environment. DSS also benefits the network
administrator who can more easily manage a large number of users. It also
simplifies user access by eliminating the need for multiple domain IDs and
passwords.

DSS can integrate distinct workgroups into an enterprise network over a
wide geographical area. Resources can be maintained locally, remotely or
centrally, allowing more flexibility in network administration. For
example, in companies with branch offices that have limited or no system
support, regional administrators can take over the network maintenance.
For companies with multiple domains, DSS can provide central
administration control and a global view of users and resources.

For large organizations that use groups to differentiate departments or
lines of business, the expanded grouping capability of DSS is also
critical. DSS increases the number of groups possible on each server, as
well as the number of individuals within a group. Therefore, customized
groups can be created based on operating needs and more users can be given
easier resource access.

Multiplatform Support with DSS

The final DSS product will provide a single, logical network view of users
on OS/2, Windows 95, Windows NT, Windows 3.x, and DOS file and print
client systems as well as DCE-based client machines. Through this global
view, the administrator can make multiplatform user modifications such as
changes to user passwords and network privileges. As a result, DSS
interoperability protects customers' current system investments and eases
the administration of a heterogeneous environment.

Since many companies have made investments in a variety of different
computing platforms, network integration is a key concern. To address this
issue, DSS provides multiplatform integration and support for transparent,
secure access to other systems in multi-vendor, multi-location networks.
Systems supporting OSF DCE Version 1.1, including users of Hewlett-Packard
(HP) or Digital Equipment Corporation (Digital), can be added to the DSS
database. HP or Digital DCE servers can also be viewed on the network,
resulting in multi-vendor resource access by any DCE clients. To that end,
IBM recently announced the availability of its OS/2 DCE client and server
beta which will allow customers to integrate PC LAN clients and servers
into a DCE network.

DSS Specialized Security Support

DSS provides secure information and resource access based on the DCE
security architecture. DCE architecture implements three key security
concepts including authentication, encryption and authorization.

Kerberos third-party authentication, a DCE feature, is more sophisticated
than a basic password scheme. Third-party authentication provides a
trusted security server capable of authenticating both the client and
server. The DSS security server stores user passwords and ensures that
passwords never have to pass over the network. During logon, the password
is used to generate an encrypted key. The encrypted key, which is passed
back and forth to the server, changes periodically and makes this scheme
even more secure than an encrypted password network. Finally, user
authorization is established to determine what access privileges the
various clients have on the network providing total, end-to-end system
confidence.

DSS Builds on Award-Winning Ease of Use

DSS integrates with the award-winning, easy-to-use OS/2 LAN Server 4.0 by
extending the graphical user interface and drag-and-drop system management
tools such as adding users to a group account. Because DSS inherits server
operating system icons and menus, customers will simply view DSS functions
as new features added to OS/2 LAN Server 4.0 or Warp Server. As a result,
customers can use existing LAN Server knowledge, saving time and money on
retraining.

DSS Offers Increased Productivity & Performance

DSS can be replicated and multiple copies of the registry and directory
databases can exist on the network. This benefits companies with remote
locations that experience connection problems or organizations that
encounter line overloading due to multiple access requests.

With several replicated servers on the network, DSS automatically balances
the workload by sending requests to other servers when the primary
database is overloaded. In addition, having copies at remote offices
increases availability to users, helping companies gain a performance
advantage by saving time if lines go down. Replicated servers can provide
maximum availability and reduce calls to the administrator when users
can't access network resources.

Installation Made "Easy"

DSS provides an "Easy" install path to simplify installation by minimizing
the choices the administrator must make. The final product will offer a
"Tailored" install which will allows users to customize the network during
the installation procedure.

DSS also provides easy-to-use, smart migration tools. DSS migration tools
take existing LAN Server directory and security databases and merge them
into the DSS databases. Plus, when migrating or merging multiple LAN
Server domains, DSS will locate common names and alert the administrator
so that new IDs can be assigned and problems can be avoided with similar
user names. This allows flexibility in domain migration and simplifies
administration.

Support for Application Developers

DSS allows software vendors and corporate developers to more easily develop
distributed applications by using familiar LAN Server procedure calls. In
addition, because DSS contains a combination of DCE and OS/2 LAN Server
4.0 APIs, most existing OS/2 LAN Server applications will run on the
distributed network. Plus, due to the open availability of DCE APIs,
developers can write distributed applications that work on any DCE
platform, thus increasing the market potential for their products.

Availability

The Directory & Security Services beta will be available for the
combination of OS/2 LAN Server 4.0 Entry and OS/2 Warp at no charge. DSS
will be available for OS/2 Warp Server after the final product ships in
early 1996. Applications for the beta package are currently being accepted
via e-mail at majordomo@austin.ibm.com and must include the following two
lines, "get ls-dirsec order.frm" and then "end."
 
 =========================================================
 From the 'New Product News' Electronic News Service on...
 AOL (Keyword = New Products) and Delphi (GO COMP PROD)
 =========================================================
 This information was processed from data provided by the
 company/author mentioned. For additional details, please
 contact them directly at the address/phone# indicated.
 Trademarks are the property of their respective owners.
 =========================================================
 All submissions for this service should be addressed to:
 BAKER ENTERPRISES,  20 Ferro Dr,  Sewell, NJ  08080  USA
 Email: rbakerpc@delphi.com  -or- RBakerPC (on AOL/Delphi)
 =========================================================
