In-Depth

Inside IBM

• 02/01/1999

IBM Global Services announced a licensing agreement with Infoliant for their Year 2000 Network Advisor. The Year 2000 Network Advisor is an interactive, online database that catalogs readiness information of more than 20,000 desktop, midrange systems, and network hardware and software products from more than 400 manufacturers. Subscribers access the Year 2000 Network Advisor through the Internet with a standard Web browser, or by having it set up on their organization's internal network.

The Year 2000 Network Advisor enables users to search the readiness status of more than 20,000 products currently cataloged in its database. Users will find an overview of the manufacturer's Y2K readiness efforts, readiness status of specific products and a recommended corrective plan of action for each product. In addition to The Year 2000 Network Advisor's extensive database, its Compliance Tracker feature eliminates a user's need to repeatedly check manufacturers' readiness information. Compliance Tracker proactively monitors manufacturers' Y2K readiness information and sends users unlimited e-mail notifications as manufacturers update readiness information.

The interactive database also features the Personal Product Portfolio, which allows users to "tag" products, thus creating personalized portfolios of products and their readiness status. The data in the portfolios can be downloaded in a variety of formats for use with other applications. The Statistical Summary Reports feature enables users to produce an online cross-tabulation of the information in their portfolio by readiness status and vendor.

IBM's cryptographic coprocessor, a product designed to provide secure e-business transactions, earned the highest certification for commercial security ever awarded by the U.S. government. This is the first product to ever achieve Federal Information Processing Standard (FIPS) 140-1 Level 4 certification.

The IBM 4758 PCI Cryptographic Coprocessor provides a tamper-sensing and tamper-responding environment in which to run sensitive applications. Upon detection of physical attack, including penetration, radiation, voltage, excessive cold or heat, the device is "zeroized" and the sensitive information erased.

The coprocessor, a programmable PCI card, offloads computationally-intensive cryptographic processes from the hosting server, and performs sensitive tasks unsuitable for less secure general-purpose computers. The device contains hardware accelerators for cryptographic operations, and the accompanying software has security features, yet is still fully programmable. It runs on a range of IBM and non-IBM platforms, including IBM's RS/6000 and Netfinity servers. Supporting software is available for IBM's AIX and OS/2 operating systems, as well as Windows 2000.

The FIPS 140-1 standard is used to qualify cryptographic module security so users can determine that a product meets their requirements. FIPS certification is recognized and supported by both the U.S. National Institute of Standards and Technology (NIST) and the Canadian Communications Security Establishment (CSE). To date, no other product from any company has achieved an overall Level 4 validation. At Level 4, an independent laboratory is permitted to attempt virtually any physical attack on the product and must also verify a formal mathematical analysis of the software. Only a few devices have received even an overall rating of Level 3, in which the attack scenarios are limited, and the software is not formally analyzed.

The IBM 4758 Cryptographic Coprocessor was evaluated by InfoGard Laboratories, a government-accredited independent laboratory in San Luis Obispo, CA. FIPS 140-1 evaluation consists of a battery of tests in 11 different areas of security. In receiving a Level 4 validation, the IBM 4758 hardware and its security configuration software received the highest possible rating in each and every one of the 11 areas.

The IBM 4758 performs numerically intensive cryptographic operations, with hardware accelerators for Data Encryption Standard (DES) and public key algorithms. The hardware, a Type-3 PCI card, also contains a 486-compatible microprocessor, a hardware random number generator, a time-of-day clock, battery backed memory, flash and volatile memory, all within a tamper-detecting and tamper-responding enclosure.

Lotus has shipped Lotus Sametime 1.0, a family of products that allow organizations to share and collaborate on documents in real-time, as well as immediately find and converse with colleagues and partners worldwide. Lotus Sametime, which also includes secure, reliable management features, enables organizations to exploit the knowledge that exists within the organization by providing a cost-effective, secure method of instantly sharing knowledge with others, regardless of their geographic location, whether it be across town or across the world.

In conjunction with the shipment of Sametime, Lotus also announced a set of services and Business Partner programs, designed to further enable organizations to efficiently implement and extend their current infrastructure with Sametime solutions within their enterprise. Organizations can utilize Sametime, which supports 15 languages, as a stand-alone collaboration solution or as a complement to Lotus Domino 4.6 and Release 5.

Sametime contains out-of-the-box capabilities that allow organizations to leverage current investments in any standard Web browser, T.120-based client - such as Microsoft NetMeeting - or the Lotus Notes client for use in the Sametime Online Meeting Center. The Online Meeting Center, which utilizes the standards-based, secure Sametime Server, allow organizations to share live documents or applications with workgroups of any size, helping dispersed product teams coordinate project resources.

In addition to providing out-of-the-box capabilities, Lotus Sametime includes application development capabilities that allow Business Partners and Value-Added Resellers to create and customize applications to meet specific business needs. Sametime offers a range of developer tools including C/C and Java APIs and associated class libraries, as well as a set of Java and Active/X components for shared objects, awareness and conversation services.

IBM announced that it has sold 8,000 of its "thin clients" - the IBM Network Station - to American General Finance, and has also sold several thousand Network Stations to SYSCO Corporation.

These purchases help confirm some industry experts' renewed optimism about alternatives to PCs. IDC predicts that the industry will ship 6.8 million units in 2002 - up from 507,000 in 1998 - while Zona Research says 13 million thin clients will ship annually within five years.

In 1998 IBM, sold thin clients to Volkswagen, Guardian Insurance, British Aerospace, Nike, Mazda, Loews Hotels, Ballys Hotel & Casino, Allied Signal, Boston College, Manheim Auctions and First Union.

Thin clients display the same programs as on a PC, but there are no moving parts, hard drives or diskette slots, so require less maintenance and end-user configuring. The IBM Network Stations start at $499.