Linda Boyer
Suppose your boss left you the following voice-mail message: You have one month to build the world's largest network, five days to set it up, and another five days to run it. You must configure this network to provide individual GroupWise 5.2 accounts for 250,000 users. In addition, you must ensure that all of these users can access their account to send and receive e-mail messages 24 hours a day--regardless of where the users are located.
Add the phrase "This message will self-destruct," and the instructions are reminiscent of the CBS television series "Mission: Impossible." (If you don't remember this series or if you missed the recent movie entitled "Mission: Impossible," check out http://www.shadow.net/~toe/imf.html.)
Would you accept this mission? Novell did. Last fall, Novell assumed the technical equivalent of a mission impossible by agreeing to set up a network called COMDEX Intranet--Novell Connecting Points (NCP) for COMDEX/Fall '97. (For more information about COMDEX, the largest information technology trade show in the United States, visit http://www.comdex.com.)
At COMDEX/Fall '97, which was held in Las Vegas, Nevada on November 1721, NCP provided individual GroupWise 5.2 accounts for the conference's 250,000 attendees. Using these accounts, attendees could exchange e-mail messages with other attendees or anyone else who had an e-mail address. Attendees could also access these accounts any time and from virtually anywhere during the five days they attended COMDEX/Fall '97.
Less than three years ago, implementing a network for even 100,000 users was considered impossible. At NetWorld+Interop '94 in Las Vegas, however, Novell proved otherwise by setting up the first NCP, which supported 100,000 GroupWise 4.0a accounts.
Since that time, Novell has set up NCPs at NetWorld+Interop, BrainShare, and other trade shows throughout the world. (For more information about NCPs, see "Novell Connecting Point: Live at Trade Shows All Over the World," NetWare Connection, Mar. 1997, pp. 3038.)
All NCPs, regardless of where Novell sets them up, offer the same basic services: For example, each NCP enables users to access their own GroupWise universal mailbox, from which they can send and receive e-mail messages and schedule appointments. Each NCP also enables users to browse the World-Wide Web using the latest version of Netscape Navigator and to view the NCP's Novell Directory Services (NDS) tree using the latest version of the NetWare Administrator (NWADMIN) utility.
All of these services demonstrate NCP's true claim to fame: Each NCP is a large production network (rather than a small demonstration network). NCPs allow Novell to showcase its products, but more importantly, NCPs allow Novell to connect attendees to their office and to each other at no cost.
COMDEX Intranet--NCP received more attention than most NCPs. For example, Compaq and Bay Networks donated millions of dollars in hardware to ensure NCP's success. Dr. Eric Schmidt, chairman and CEO of Novell, and Eckhard Pfeiffer, president and CEO of Compaq, mentioned COMDEX Intranet--NCP in their keynote speeches. In addition, Novell and America West Airlines videotaped various stages of the construction and implementation of COMDEX Intranet--NCP. (For more information about these videos, see "The Web, Smiles, and Videotape.")
What was all the fuss about? In part, COMDEX Intranet--NCP attracted a lot of attention because it was the first production network COMDEX had provided for its attendees. COMDEX Intranet--NCP marked the "first time in history that COMDEX attendees [had] access to virtual offices," says Bill Sell, show director for COMDEX. COMDEX Intranet--NCP, Sell adds, allowed attendees to "focus on what [was] happening at the show, rather than worrying about communications they might [have missed] from their office."
COMDEX Intranet--NCP is also noteworthy for several other reasons:
With individual GroupWise 5.2 accounts for 250,000 users, COMDEX Intranet--NCP supported more than 1 1/2 times the number of accounts Novell had ever tested on an NCP and nearly four times the number of accounts an NCP had ever run. However, the opportunity to provide a viable network for 250,000 users (rather than a demonstration network for a handful of users lucky enough to bump into it) was too enticing for Novell to pass up.
"We wanted to prove not only that we could set up a system for a quarter of a million users," explains Carine Clark, director of Novell's Corporate Events department, "but that we were the only company that could do this--and we could do it in relatively little time." Clark manages the team of systems engineers who design, build, set up, and manage NCP.
Novell Corporate Events systems engineers are accustomed to time constraints, so the "relatively little time" the engineers had to build COMDEX Intranet--NCP did not surprise them. These engineers had less than three months to design COMDEX Intranet--NCP, one month to build it, and only five days to set it up.
COMDEX Intranet--NCP processed approximately 5,000,000 messages in only five days. Because this NCP was processing such a high volume of messages, downtime was not an option. "If the system went down," explains Gary Norton, systems engineer for Novell's Corporate Events department, "users would notice. So the system had to be stable and reliable."
Good equipment (not to mention excellent software and experienced systems engineers) helped make COMDEX Intranet--NCP stable and reliable. Novell Corporate Events systems engineers built this NCP using top-of-the-line hardware donated by Compaq and Bay Networks.
The network operation center for COMDEX Intranet--NCP consisted of several Compaq ProLiant 6000 servers. Compaq's generous donation surprised Novell Corporate Events systems engineers, who could have run NCP on fewer and less powerful servers.
The Compaq ProLiant 6000 servers were connected to nearly 300 Compaq DeskPro 4000 workstations over an Asynchronous Transfer Mode (ATM) backbone. Novell Corporate Events systems engineers set up the network operation center and the NCP workstations in four prominent sites at the Las Vegas Convention Center (LVCC) and the Sands Expo and Convention Center, where COMDEX/Fall '97 was held.
The engineers made the connections between the ProLiant 6000 servers and the NCP workstation sites via seven Bay Networks Centillion 100 switches. These ATM-based switches include 100Base-T and 10Base-T Ethernet ports as well as ATM ports.
Four of the Bay Networks Centillion 100 switches were located in the network operation center, and the three remaining switches were located at the NCP workstation sites--one at each site. To boost bandwidth, Novell Corporate Events systems engineers connected the switches in the network operation center to the switches at the workstation sites via permanent virtual circuits (PVCs) over multiple ATM paths.
Novell Corporate Events systems engineers set up the network operation center and the NCP workstations in four prominent sites at the Las Vegas Convention Center (LVCC) and the Sands Expo and Convention Center, where COMDEX/Fall '97 was held. Network traffic between the LVCC and the Sands traveled over a redundant Digital Subscriber Line-3 (DSL-3), which was previously installed by GeoNet Communications. Like a T-3 line, a DSL-3 transmits digital signals over fiber-optic cable at 45 Mbit/s using Point-to-Point Protocol (PPP).
NCP workstations in the LVCC and the Sands were identical--almost. The NCP workstations located in the LVCC were IPX-based, whereas the NCP workstations located in the Sands were IP-based. However, both the IPX- and IP-based workstations provided access to the same NCP services. For example, regardless of which protocol the NCP workstations were using, these workstations ran Windows 95, the NWADMIN utility, Corel WordPerfect Suite 8, and Netscape Communicator Professional Edition, which includes Netscape Navigator. (Because the applications were stored on each workstation's hard drive and users did not share files over NCP, Novell Corporate Events systems engineers did not have to implement an IPX-IP gateway.)
Novell Corporate Events systems engineers used Novell Application Launcher (NAL) 2.0 to control users' access to all of these applications. Using NAL 2.0's management component, which is a snap-in module for the NWADMIN utility, the engineers created an NDS Application object for each application running on the NCP workstations. These engineers then assigned users rights to the Application objects.
When a user logged in to COMDEX Intranet--NCP from an NCP workstation, NAL 2.0 displayed an icon for every application to which the user had been granted rights. (For more information about how Novell Corporate Events systems engineers use NAL 2.0, see "Novell Connecting Point: Live at Trade Shows All Over the World.")
NCP workstations located in both the LVCC and the Sands also enabled users to access their GroupWise universal mailbox. However, NCP workstations located in the LVCC ran the GroupWise 5.2 client software, whereas NCP workstations located in the Sands did not. When using NCP workstations located in the Sands, users accessed their GroupWise universal mailbox by way of the new Java-enabled GroupWise WebAccess gateway. (For information about the GroupWise WebAccess gateway, see the "Same Mailbox, Same Interface" section.)
Users logged in to an NCP workstation by swiping their COMDEX badge through a magnetic stripe reader attached to the workstations. COMDEX badges include a magnetic stripe, which contains information about attendees, such as their name and badge number.
Always anxious to feature new technologies on each NCP, Novell Corporate Events systems engineers jumped at the chance to use magnetic stripes to log users in to NCP. The engineers stored each user's name and badge number in NDS as the user ID and password. Then when a user swiped his or her COMDEX badge through the magnetic stripe reader at a particular workstation, this magnetic stripe reader passed the user's name and badge number to the IntranetWare client software on this workstation.
The IntranetWare client software, in turn, passed the user's name and badge number to NDS, which compared this information with the information stored about the user in the NDS database. If these two sets of information matched, NDS authenticated the user. This login process, Norton says, "kind of takes us to a Star Trek level of next-generation technology."
Once users had logged in using their COMDEX badge, they could access NCP services and the Internet. Novell was the ISP for these users--a role Novell had not assumed for past NCPs.
Novell Corporate Events systems engineers provided users with an Internet connection via two Ascend MAX 2000 servers. These servers include 24 digital modems and support the Remote Authentication Dial-In User Service (RADIUS) protocol.
The Ascend servers and an IntranetWare server running RADIUS Services for NDS connected COMDEX Intranet--NCP to the Internet over a DSL-3 link--the same DSL-3 link that carried network traffic between the LVCC and the Sands. (See the "RADIUS Services for NDS" section.)
COMDEX Intranet--NCP featured several of Novell's Internet and intranet solutions, most notably the following:
BorderManager is an integrated set of network services for managing, securing, and accelerating users' access to information at the borders--the points at which your company's network meets other networks, such as the Internet. (For more information about BorderManager, see "Novell's Border Services," NetWare Connection, May 1997, pp. 2536.)
For COMDEX Intranet--NCP, Novell Corporate Events systems engineers ran BorderManager on two servers. One server was located at the Sands and the other server was located in the network operation center. All traffic to and from the LVCC and the Sands was filtered through the BorderManager server at the Sands. All traffic to and from the Internet (including Internet traffic to and from the Sands and remote users) was filtered through the BorderManager server in the network operation center.
Novell systems engineer Rhet Thalman, NCP's networking technology guru, configured the BorderManager servers to provide several services for NCP at COMDEX, including the following:
Thalman enabled the caching capabilities on both BorderManager servers. The BorderManager server located in the network operation center cached web files requested by browsers running on NCP workstations in the LVCC or on remote workstations. The BorderManager server located at the Sands cached web files requested by browsers running on NCP workstations in the Sands.
When a user requested a particular web file, the BorderManager server checked its own cache for that file. If the file was not stored in cache, the BorderManager server retrieved this file from the Internet, stored a copy of the file in cache, and then forwarded this file to the requesting browser. If the file was stored in cache, the BorderManager server retrieved this file from cache and returned the file immediately--without having to access the Internet at all.
By caching web files, the BorderManager servers conserved bandwidth on NCP's Internet connection and on the network connection between the LVCC and the Sands. Users didn't know that the BorderManager servers conserved bandwidth, however; users simply noticed that whenever they requested a web file, they received the file posthaste. That's the main advantage of BorderManager's caching services.
Thalman also configured CyberNOT List on both BorderManager servers. CyberNOT List is a component of Microsystems's Cyber Patrol that organizes web sites based on their content. Cyber Patrol, which ships with BorderManager, enables you to use existing lists such as CyberNOT List or to customize your own list to control user's access to the Internet.
For example, using CyberNOT List, Thalman restricted NCP users' access to potentially offensive web sites, such as web sites that contain sexually explicit or violent material. Thalman configured CyberNOT List in BorderManager by simply pointing and clicking his mouse next to the types of web sites he wanted to prevent users from accessing. BorderManager also enables you to restrict users' access to the Internet based on criteria such as the time of day, the protocol being used (for example, FTP or Gopher), and the source or destination address.
In addition, Thalman enabled the IP-IP gateway on both BorderManager servers. This gateway established connections to the Internet on behalf of users using NCP workstations located in the LVCC and the Sands.
Because the IP-IP gateway--not a user's browser--established Internet connections, all Internet traffic appeared to originate from this gateway. In other words, Internet-bound packets included the IP address for only the IP-IP gateway, rendering NCP workstations essentially invisible to Internet hosts.
Although this security feature appeals to network administrators running corporate networks, security was not the reason that Thalman enabled the IP-IP gateway. Rather, Thalman enabled this gateway so he wouldn't have to assign every NCP workstation a registered IP address. The NCP workstations could have "junk IP addresses," Thalman explains, and still access the Internet.
In addition, users could access the Internet through COMDEX Intranet--NCP from their hotel room or from anywhere else they carried a laptop. Using the dial-up networking software on their laptop, users could dial a local telephone number to access the Ascend server in the network operation center. (Novell Corporate Events systems engineers distributed this telephone number in an e-mail message sent to each GroupWise 5.2 account.)
After NCP users dialed the telephone number for and connected to the Ascend server, they were prompted to enter their name and badge number. The Ascend server then passed this information to an IntranetWare server running RADIUS Services for NDS.
RADIUS Services for NDS is a NetWare Loadable Module (NLM) that uses the industry-standard RADIUS protocol to authenticate remote users to your company's network or to the Internet. For COMDEX Intranet--NCP, RADIUS Services for NDS received a user's name and badge number from the Ascend server and compared this information with the information about the user stored in NDS. RADIUS Services for NDS then instructed the Ascend server to allow or deny this user access to NCP.
Once RADIUS Services for NDS authenticated a remote user, the As-cend server randomly assigned the user an IP address. This user was then able to browse the web using his or her own browser.
Although BorderManager and RADIUS Services for NDS were important components of the NCP back end, GroupWise 5.2 was essential. In fact, without GroupWise 5.2, Novell's groupware product for the Internet and intranets, NCP would have been impossible. (See "How Did Novell Handle 250,000 GroupWise Accounts?")
In an October 1997 press statement, Stewart Nelson, vice president and general manager of Novell's Applications Division, alluded to GroupWise 5.2's essential role. COMDEX Intranet--NCP, Nelson said, eliminated "the traditional trade show productivity killer of long waits for pay phones and lengthy walks back to hotel rooms by allowing everyone to stay connected from the show floor."
GroupWise 5.2 enabled COMDEX attendees to stay connected--to each other and to their office--without cost-ly telephone calls or the inconvenience of carrying around a laptop computer. GroupWise 5.2, in other words, fulfilled NCP's purpose.
Novell Corporate Events systems engineers also ran the latest version of the GroupWise WebAccess gateway. By setting up this gateway for COM-DEX Intranet--NCP, the engineers ensured that users could access their personal GroupWise universal mailbox--regardless of where these users were located.
The GroupWise WebAccess gate-way enabled users to access their GroupWise universal mailbox over the Internet using their own laptop or the NCP workstations located in the Sands, which did not run GroupWise 5.2 cli-ent software. The NCP workstations located in the LVCC, on the other hand, did run GroupWise 5.2 client software. As a result, users at these workstations had the option of using either this software or the GroupWise WebAccess gateway to access their GroupWise universal mailbox.
After connecting to the Internet, users entered the uniform resource locator (URL) for the GroupWise WebAccess home page in the address field of their browser. (Novell Corporate Events systems engineers distributed this URL in an e-mail message sent to each GroupWise 5.2 account.) Users then clicked the Login button to ac-cess their GroupWise universal mail-box, after which they could read, send, and manage e-mail messages just as they would using GroupWise 5.2 client software.
The enhanced GroupWise WebAccess interface is virtually identical to the GroupWise 5.2 client interface and enables users to complete the same tasks. In fact, for the first time, NCP users who accessed their GroupWise universal mailbox over the Internet could even send attachments with their e-mail messages--a capability now supported by the GroupWise Web-Access gateway.
GroupWise 5.2 also deserves credit for the efficiency and reliability of COMDEX Intranet--NCP. After all, how many groupware products could generate accounts for 150,000 users within five days and for an additional 100,000 users over the next five days? GroupWise 5.2 did just that.
And how many groupware applications could process more than 1,000,000 e-mail messages per day without a hitch? GroupWise 5.2 did that, too.
Novell Corporate Events systems engineers contributed quite heavily to the e-mail message distribution load. These engineers alone sent approximately one dozen e-mail messages to each of the 250,000 accounts. The engineers sent e-mail messages to welcome users, to advertise the times and places for keynote addresses and classes, and to explain the GroupWise 5.2 contest. The e-mail messages regarding this contest prompted users to complete various tasks, such as scheduling particular users for hypothetical meetings.
By entering the GroupWise 5.2 contest, users had an opportunity to win one of five laptop computers, which were donated by Compaq and awarded daily. Users also had an opportunity to win the grand prize--a 1997 Porsche Boxster, which was awarded at the end of the week, courtesy of Novell.
No company other than Novell has been able to design, build, set up, and manage a production network of even half the size of COMDEX Intranet--NCP. Yet Novell implemented COMDEX Intranet--NCP and continues to implement NCPs at NetWorld+Interop, BrainShare, and other trade shows throughout the world, again and again. And each time, Novell makes NCP a little faster, a little bigger, a little better.
With each implementation of NCP, Clark says, Novell makes the following message clear to every trade show attendee: "Novell is a networking company, and we built this network for you."
Linda Boyer works for Niche Associates, an agency that specializes in technical writing and editing. Niche Associates is located in Salt Lake City, Utah.
NetWare Connection, December 1997/January 1998, pp. 24-32