Steve Beus
GroupWise 5.2, Novell's groupware product, offers a secure environment for sending and receiving e-mail messages and performing a variety of collaborative tasks, such as managing documents and tracking workflow. However, some organizations require even more stringent security features than GroupWise 5.2 already provides. For example, U.S. military personnel can purchase only groupware and messaging products that meet the requirements of the Defense Message System (DMS) initiative.
To help the U.S. military and other organizations implement a highly secure messaging system, Novell is releasing GroupWise DMS at the end of 1997. Novell submitted GroupWise DMS to the U.S. Department of Defense for DMS certification, and GroupWise DMS received this certification in September.
This article defines the DMS initiative and then explains how GroupWise DMS meets the requirements of this initiative. This article also describes the types of companies that can benefit from using GroupWise DMS.
The U.S. Department of Defense began implementing the DMS initiative in 1987. The goal of this 10-year initiative is to update the U.S. military's messaging requirements so that U.S. military personnel throughout the world can take advantage of secure messaging.
The DMS initiative has a large scope: In addition to addressing hardware and software issues, this initiative establishes requirements for messaging procedures, standards, facilities, and personnel necessary to exchange e-mail messages within the U.S. Department of Defense.
To meet these requirements, the U.S. Department of Defense must introduce new, secure technologies such as GroupWise DMS while retaining the benefits of several messaging systems used since the 1960s. For decades, U.S. military personnel have used a secure messaging system called the Automatic Digital Network (AUTODIN), which is a proprietary system based on mainframe technologies. AUTODIN processes sensitive U.S. military communications and transmits these communications among U.S. personnel throughout the world. Although the U.S. Department of Defense considers AUTODIN to be both reliable and secure, AUTODIN is outdated and expensive to maintain. As a result, the U.S. Department of Defense plans to phase out AUTODIN by the year 2000, gradually replacing AUTODIN's components with DMS-certified products.
U.S. military personnel have also used a variety of solutions for unclassified messaging. For example, the Defense Data Network (DDN), which was created by the U.S. Department of Defense, has since evolved into the Internet. (Universities and research organizations adopted the protocols used in DDN to build the Internet.) Although U.S. military personnel still use the Internet for some types of unclassified messaging, the U.S. Department of Defense is concerned with the Internet's lack of security and manageability.
In addition, many individual U.S. military bases have implemented commercial groupware products such as GroupWise, Lotus Notes, and Microsoft Exchange. Although these products are effective for unclassified messaging, they do not provide a global, manageable infrastructure for secure messaging. As a result, the U.S. Department of Defense drafted the DMS initiative and created the DMS certification process to determine which groupware products offer highly secure messaging. (In addition to GroupWise DMS, DMS-compliant versions of Lotus Notes and Microsoft Exchange have received DMS certification. U.S. military bases must replace all commercial groupware products with one or more of these DMS-certified products.)
To earn DMS certification, a product must support the following standards and protocols:
A product must pass four test suites approved by the U.S. Department of Defense and conducted by the Joint Interoperability Test Center.
To pass these tests, a product must be able to send and receive secure e-mail messages. The product must also support standards such as X.400 and secure protocols such as MSP. In addition, the product must be able to exchange e-mail messages with all DMS-certified client software and to communicate with DMS server components, which include a message store (MS), message transfer agents (MTAs), and directory service agents (DSAs).
Beginning in 1997, U.S. military personnel were required to purchase only groupware and messaging products that conform to the DMS initiative. Novell created GroupWise DMS to conform to this initiative. With GroupWise DMS, the thousands of U.S. military personnel who currently use GroupWise can continue to do so. In addition, U.S. military personnel who use other groupware and messaging products can now migrate to GroupWise DMS.
GroupWise DMS offers all of the advanced functionality that is available in the commercial version of GroupWise 5.2. For example, GroupWise DMS includes the universal mailbox, calendaring and scheduling capabilities, document management features, imaging, and workflow features. In addition, GroupWise DMS offers the security, encryption, and digital signature functionality that is required by U.S. Department of Defense's DMS initiative. As a result, GroupWise DMS provides a secure groupware solution that is also extremely reliable and highly scalable.
GroupWise DMS is client software that consists of two components:
GroupWise DMS does not offer server software. Rather, U.S. military personnel must purchase and install DMS-certified server software, which consists of MSs, MTAs, and DSAs. GroupWise DMS then works with this software, allowing users to send and receive e-mail messages and query the global X.500 directory. (You can download a list of DMS-certified client and server software from ftp://192.152.21.1/public/ccpl.htm.)
Novell created GroupWise DMS by adding the following security capabilities to GroupWise 5.2:
Because these security capabilities are integrated with the GroupWise universal mailbox, users can access these capabilities through the familiar GroupWise 5.2 interface.
To ensure that GroupWise DMS met all of the requirements for DMS certification, Novell developed GroupWise DMS with Raytheon E-Systems, an experienced contractor for the U.S. Department of Defense and a leader in creating secure communications systems. Raytheon E-Systems engineers worked closely with Novell engineers and U.S. Department of Defense testing officials to ensure that GroupWise DMS included the security features necessary to receive DMS certification.
Although GroupWise DMS is targeted at the U.S. military, any company that needs a secure messaging system can benefit from GroupWise DMS. In fact, you can use GroupWise DMS as part of a secure IntranetWare or NetWare 4.11 network: NetWare 4.11 (the network operating system included with IntranetWare) recently received Class C2 certification from the U.S. National Computer Security Center (NCSC). (For information about Class C2 certification, see "NetWare Enhanced Security: Class C2 Security for Your Network," NetWare Connection, Nov. 1996, pp. 4453.)
Several U.S. military sites are testing the beta version of GroupWise DMS. Because GroupWise DMS is included in the DMS Certified Products List (CPL), any U.S. military site throughout the world can purchase GroupWise DMS as soon as it becomes available. U.S. military sites that currently use GroupWise can even take advantage of upgrade pricing for GroupWise DMS.
With GroupWise DMS, U.S. military personnel will be able to send and receive e-mail messages using open standards and the highest level of security. U.S. military personnel will also be able to take advantage of groupware features such as calendaring and scheduling, document management, workflow, and imaging. In addition, network administrators in the U.S. Department of Defense will be able to centrally manage GroupWise DMS using the NetWare Administrator (NWADMIN) utility, which comes with IntranetWare and NetWare 4. (To use GroupWise DMS, you must have at least one IntranetWare or NetWare 4 server on the network.)
For more information about GroupWise DMS, visit Novell's World-Wide Web site (http://www.novell.com/groupwise/html/defense.html). You can also call 1-703-713-3500.
Steve Beus is a program manager in the Major Market Operations department at Novell Inc.
NetWare Connection, December 1997/January 1998, pp. 22-23