Novell

Ray Noorda died today (here). At 82 years old, he lived a full life and certainly created a lot of value for himself and his community in Utah. I only got to meet Ray once at a Novell analyst meeting when I was back at META Group. He seemed like a nice guy, but I must admit to being a bit starstruck as a 24 year old kid meeting the CEO of the biggest company in my space.

Of course, Ray will be remembered as the architect of the strategy that resulted in Microsoft steamrolling Novell in the Network Operating System space basically into oblivion. But that would be a shame because it was Ray and his team that really drove Local Area Networks into mass markets, which led to the networking of the world and set the stage for the Internet.

To give a feel for the scale of Ray's impact, Novell still does hundreds of millions of dollars a year in RENEWAL business on those NetWare licenses. This is basically 7-8 years after NetWare lost the NOS battle to Microsoft's Windows NT. Talk about a cash cow...

I personally will always have a fond place in my heart (yes, contrary to popular belief - I actually have a heart) for NetWare. I was on the volunteer LAN support team at my first job at American Management Systems and that's where I first learned about NetWare.

I was able to parlay that minimal bit of LAN knowledge into a job doing network consulting with Ernst & Young. At E&Y I earned my CNE, which is a pretty valuable certification nowadays. Then I joined META because of my expertise in LANs and network computing applications, and the rest is history.

So I may come down pretty hard on Novell because of their actions today, but in no way, shape, or form will I ever minimize their role in building the networks of yesterday, which set the stage for the interconnected global web of today.

We all owe a debt of gratitude to Ray Noorda for having a big hand in creating the industry that pays all of our mortgages. Godspeed Ray and enjoy the next phase of your journey.

Novell of the walking dead is trying to figure it out, I'll give them that. But I have to say I'm puzzled by their acquisition of e-Security and surprised by the price. At $72 million, that's about 4x this year’s sales (and 6-7x last years) - which is a rich premium for a company not going anywhere fast in a competitive space that ultimately doesn't matter.

Let me explain a bit. First, let’s deal with the Novell side of the equation. It’s not clear what Novell's strategy is. In the release, the marketing folks came up with "Novell will bridge the gap between systems, security and identity management and compliance monitoring and reporting." If you read a bit deeper into the release, you find it's mostly about "compliance." Why do I trust Novell now to handle my compliance needs? Because they have a SIM product? Give me a break.

Here is another great quote from the release: "Novell is the only vendor with the potential to proactively address business needs for a real-time, comprehensive compliance solution that integrates, people, systems and processes." What? I guess CA or IBM don't count? You have to love marketing folks, especially those that have no idea what’s going on in the markets they serve.

Just to be clear Novell is now trying to be in the security, identity, system management, operating system, open source, collaboration and systems integration markets. Obviously a full plate.

I don't know much, but I do know they can't possibly be everything to all people. It's very hard to be competitive in one space nowadays, it's almost impossible to compete effectively in 7. Focus is an issue. But Novell seems intent on throwing crap against the wall until something sticks.

Crap may be the key operative word here. Not that e-Security had a bad product, after 7 years it actually kind of worked. I just think it's a crappy market. Ultimately what is the value that SIM brings to a customer? I've written quite a bit about how reporting needs to be an artifact of doing the right security stuff, if you think in terms of pragmatic security.

Gathering data to look in the rear view mirror to correlate stuff that's already happened is just not interesting. Not even for compliance. The art is to prevent the issues, not to generate a report when a policy violation happens. It doesn't seem that any of the SIM guys are focusing on remediation, which is where I think the action is.

SIM is also old technology. There is a new grouping of vendors, led by folks like Intrusic and GraniteEdge that gather network data (as opposed to log data) and correlate actual traffic dynamics more intelligently to pinpoint "low and slow" attacks that are meant to remain under the radar.

If someone is trying to break down your front door, then SIM would work. But not too many folks use those attack methods anymore. Brute force is out, stealth is in. SIM isn't too useful in detecting stealth attacks.

And the whole security metrics and compliance dashboard positioning is not the answer. I am a fan of fixing something and then pulling a report. A dashboard watches something happen and then tells you about it. Again, how useful is that?

When I worked with Peter Tippett at TruSecure, he would ask customers, "how useful is it to learn that a torpedo just ripped through your engine room?" Customers would laugh. He wasn’t joking. You need to know about the torpedo way before, if you are going to do anything about it. Alright, I'll get off the soapbox now.

e-Security customers should be pleased. They get a few more years of life. Novell will be rescued by someone at some point. They've got a lot of cash, so the e-Security stuff will be around for a while. And e-Security's investors should be very pleased - this is a good outcome all things considered. Clearly folks like Intellitactics and NetForensics need to find partners quickly.

During my daily scan of the newswires and other information sources I came across some coverage of Novell's Brainshare conference and I just reminisced about when Novell was the king of the hill. 

At the risk of dating myself, back in the early 1990's Novell was the big thing. Yes, bigger than Microsoft. They dominated a market for network operating systems and many folks (myself included) scrambled to get a CNE (Certified NetWare Engineer) because that was the path to prosperity. I actually owe my first networking consulting job to my ability to converse about NetWare, so I have fond memories of those days.

Those days are long gone. How the mighty have fallen.

NetworkWorld ran a story today called "Does Novell Still Have Mindshare?" Read it here. The answer is clearly no. Ever since Microsoft turned its target on dominating the network operating system world with a small product called Windows NT, Novell has constantly been marginalized. They've gone through more reincarnations than Shirley MacLaine, and now are trying to be an Open Source and Identity Management (IDM) software provider. But to say anything besides that they've failed miserably in everything they've tried since NetWare is to obscure the truth.

This week they announced a new IDM suite at their annual conference of irrelevance and some stuff they are doing with the Linux desktop. Guess these guys have delusions of grandeur that they will take back the desktop from Microsoft. Get me some of the stuff they are smoking.

The sad thing is everything I've heard about their technology has been positive. The directory is still strong, the management stuff works, and the IDM products leverage everything to provide a strong offering. But it doesn't matter because it's still Novell.

So Novell now officially joins the "Hall of the Walking Dead" with 3Com. These are the players of long ago that still have lots of money, but such tarnished brands that no self-respecting end user would make any of them a key part of the infrastructure. They buy some stuff and try new things, but the end result always seems the same. Mediocrity. Irrelevance. Failure.

Speaking of a lot of money, Novell still has $1.7 BILLION dollars. They'll be able to walk aimlessly for a long long time. One man's opinion is that they (and their shareholders) would be much better served by giving up the ghost. Sell the technology assets to a vendor that could actually use them and distribute the cash to shareholders. 

Yes, it's harsh. But would you put your reputation and career on the line and make a huge commitment to Novell today? Not a chance. That's what I thought.