I'm formulating a proposal to amend the Internet access policy of my
organization and wondered if Novell Border Manager could support the
functionality I'm proposing. Could someone knowledgeable of the
product please look it over and give me their opinions?

---
PROPOSAL Network Security Model

Since unrestricted access to the Internet has proven to be a
significant productivity issue within our organization, I propose thefollowing changes in policy for granting Internet access privileges at

NYCT. It provides for easy, on-demand access for those that need it,
when they need it, while at the same time preventing large numbers
employees from 'surfing the net' during business hours.

KEY COMPONENTS:

Unrestricted email access 24/7.

There would be (4) tiers of Internet access, enforced by Novel
Border Manager logins.
o 1 hour window
o 3 hour window
o 1 day window

No employee (including managers) should be granted unrestricted
Internet access. Instead, access would be granted on a need basis,
requiring real-time managerial approval.

Users must obtain their managers approval before access is granted
and managers must give a reason when issuing privileges. Managers
would be expected follow guidelines and logs will be kept. Audits
should be conducted periodically.

Access is granted through an online panel, that only managers and/or

designated individuals can access. Once access is granted, the user
can only access the Internet for up to the maximum time window
allocated.

As an accommodation to employees, Internet access would be open to
all between the hours of 12pm and 1pm daily. However, users must be on

their lunch hour when using it for personal reasons.

Under the above model, an employee who needs to access the Internet
would only have to walk over to his or her manager's desk and requestit. The manager could simply log-on to a Tens page... specify the
employee's pass number... provide a 1 sentence reason and chose one of

4 time allocations. Hit OK and that's it.

The next time the employees attempts to log on to the Internet, the
Novel Border Manager will grand access only for the time period
specified.

Aside from increased productivity, NYCT will realized significant
savings in network resources.

---


Thanks,

A_C