This is a multi-part message in MIME format. ------=_NextPart_000_0175_01C1AA91.B113CFD0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit ----- Original Message ----- From: "Victor Tsaran" <tsar@sylaba.poznan.pl> To: "Speakup List" <speakup@braille.uwo.ca> Sent: Thursday, January 31, 2002 7:28 AM Subject: FWD: Linux VS Windows Dear listers, I think this is quite an interesting article. Best regards, Victor ------=_NextPart_000_0175_01C1AA91.B113CFD0 Content-Type: text/plain; name="Evaluating Linux Reality vs. hype.txt" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="Evaluating Linux Reality vs. hype.txt" Evaluating Linux: Reality vs. hype=20 Judging from my recent columns =93Save big by replacing NT file servers = with Linux Samba=94 and =93Don=92t look now, but Linux 2.4 is = enterprise-ready,=94 you can easily tell that I=92m a fan of Linux. = However, I certainly don=92t want to oversell Linux to TechRepublic = members. Linux continues to suffer from too much hype and exaggeration. = My goal with today=92s column is to help sort out the real advantages = and disadvantages of deploying, managing, and supporting Linux in a = corporate environment. Why Linux is getting so much attention A lot of the attention Linux has received in the last few years is based = less on what Linux is and more on what Linux is not. Quite simply, Linux = is not Microsoft. In fact, Linux might adequately be termed the = antitheses of Microsoft.=20 =20 Microsoft and its products are centralized, polished (at least in terms = of image), proprietary, user-friendly, and generally pretty expensive. = Linux and its software products are decentralized (in most cases), open = source, a little difficult to use, and generally quite inexpensive (at = least up front). Much of the hype that swirls around Linux is centered on the hopes of = many people, both within and outside the IT community, that Linux will = help unloose Microsoft=92s stranglehold on the software market. However, = IT professionals seeking to deploy the best solutions based on sound = business principles must cut through this hype when evaluating whether = the OS meets the requirements of various situations. The Linux security myth The first, and most prevalent, piece of hype I must dispel is the = =93Linux security myth.=94 I have to admit that it was reading a number = of flawed and misleading arguments about Linux security made by members = in TechRepublic discussions that prompted me to write this article. Many = TR members have been asserting that Linux is inherently more secure than = Microsoft=92s popular Windows NT/2000 platform. I strongly believe that = argument is dead wrong, and I=92ll tell you why. First, I must say that few people know Linux like Jack Wallen, and his = Linux tutorials are some of the best in the business. You can tell from = his writing that he passionately wants Linux to succeed in the IT = marketplace. I think that a lot of the TR members who are making = outrageous claims about Linux security are Linux enthusiasts like Jack. However, arguments that claim that Linux is not susceptible to viruses = like ILOVEYOU and other damaging activities simply because it hasn't = been affected so far are flawed from a network security standpoint. = It=92s like saying, =93Let=92s go to the second floor of our glass house = because the people outside are throwing stones only at the first floor = right now.=94 Eventually, they=92ll start throwing stones upstairs, too, = and eventually, hackers and virus writers will start targeting Linux. = Suggesting that a switch to Linux will keep your organization out of = harm=92s way is a temporary solution, at best, and is not a good = security strategy. No operating system is inherently secure, with the possible exception of = something like Trusted Solaris, which is built entirely around security = in order to serve the needs of government contractors and high-security = industries. The security of most operating systems (including Trusted = Solaris, to an extent) depends heavily on the configuration of the = administrators who design, implement, and manage them. Linux enthusiasts often point to the fact that Redmond is continually = releasing new patches for Windows as an indicator that Microsoft = products are less secure. However, these numerous flaws are found = because of the sheer numbers of administrators, security experts, and = hackers that put Windows under the microscope every single day.=20 =20 That=92s not to say that Microsoft should not make security a higher = priority in its development efforts. Obviously, it should. But putting = Linux under the same microscope reveals a plethora of security flaws, = too, as evidenced by the fact that companies such as Red Hat are also = continually releasing security patches to their Linux distribution. In defense of Linux security, I will side with Linux partisans in = agreeing that an administrator can more thoroughly lock down a Linux = system than a Windows NT/2000 system because of the open source nature = of Linux and the fact that you can get in and look at every aspect of a = Linux system=97something that=92s not possible with Windows software = because of its proprietary nature. However, security still depends heavily on the person(s) configuring it. = A well-configured Windows server is certainly more secure than a poorly = or partially configured Linux server, and=97let=92s be honest=97it=92s = much easier and faster to configure and lock down Windows NT/2000 than = Linux. Nevertheless, as I mentioned above, if you have the time, = inclination, and/or necessity for providing maximum security, it is = possible to drill down further into the Linux OS and make it very = secure. Keep in mind that this takes considerable effort, and there are = still no guarantees since Linux ultimately has its own security flaws = that are continually being patched by vendors and developers, just like = Microsoft. Ultimately, my goal here has been to dispel the myth that Linux is = inherently more secure than Windows NT/2000 because, clearly, it is not. = That being said, I think we=92re ready to have a sane look at some of = the areas where Linux has considerable value, as well as some of the = penguin=92s drawbacks. Figure A shows a rundown of the Linux pros and = cons that we=92ll be discussing. A look at the true costs You can=92t talk about the advantages of Linux without talking about = dollars (or whatever your national currency may be). One of the = tried-and-true methods of turning big profits in the software industry = is by requiring a paid license of your software for each machine on = which it is loaded (see Microsoft Corp.). Linux flies in the face of = this trend by not requiring a paid license for using the operating = system. For example, you can buy one $29.95 Red Hat Linux CD and use it to load = Linux on 100 servers. You do not owe Red Hat any additional money and = you are still legally within the terms of the General Public License for = Linux. If you had decided to load Windows 2000 on those 100 servers, it = would have cost you in the neighborhood of $75,000=97if you took = advantage of one of Microsoft=92s volume discount programs. Obviously, = this factor alone can make Linux very attractive. Actually, in a situation such as this, Linux can save you even more than = the cost of the licenses because the hardware requirements for Linux are = significantly less than Windows NT or 2000 for accomplishing the same = tasks. For example, whereas a Windows 2000 server really requires a = minimum of 256 megabytes of RAM to accomplish basic file and printer = sharing, a Linux server can offer comparable performance when handling = the same tasks with 64 to 128 megabytes of RAM. Deployment and support Another one of the most widely extolled virtues of Linux is its = stability. Once you get Linux properly configured=97a task that=92s not = for the faint of heart or the inexperienced=97you can definitely reap = the benefits of excellent stability. I have heard enough stories from = other administrators about Linux Web servers, DNS servers, and firewalls = that were configured and then not touched again for over a year to = believe fully in the stability of Linux. I can also personally vouch for = the Linux firewall on my network, which has been running without a hitch = for four months, and a Linux Web server I helped set up that ran = uninterrupted for over six months. However, this stability does not come without a price. Setting up and = configuring any kind of server functionality on Linux takes considerable = effort and often an initial period of trial and error in order to make = it work. I think it=92s fair to say that even for a Linux expert, it = takes much more time to configure Linux on the front end than it does to = configure similar server functionality on Windows NT/2000. Again, this = effort is often rewarded by a stable and reliable Linux server that does = not need as much babysitting as many Windows NT/2000 servers require.=20 =20 What does this mean? If you are going to deploy Linux, you must have = some well-trained Linux experts around. So you=92ll need to train your = current staff or find some Linux consultants to assist in the process. = Either way, you=92re going to be looking at incurring considerable = expenses to deploy Linux. Support is another area where Linux costs can exceed the costs of = Windows NT/2000. Linux/UNIX administration is more complex and therefore = more expensive. It also takes longer to train your staff on Linux, which = increases the cost even further. Finding Linux consultants and good = Linux support can also be a major challenge. In addition to being more complex and challenging to configure, Linux = can be more difficult to troubleshoot when things do go wrong. This = makes it even more essential to have well-trained Linux professionals = available whenever you are deploying Linux for a mission-critical = function in your organization. Unfortunately, finding good training = programs, first-class Linux support, and competent Linux consultants can = all be challenging at this point. These things need to be nailed down = before any Linux deployments move forward. Back to the plus side, remote administration of servers is much easier = and more efficient on Linux than on Windows NT/2000 because all = administration tasks can be accomplished from the command line. Thus, a = remote technician can dial in to the server on a phone line or make a = secure shell (encrypted Telnet) connection over the Internet and set up, = modify, or troubleshoot the server. Not on the desktop I have to address one final topic. Recently, I=92ve chuckled a bit as = I=92ve read some of the discussions and member e-mails in response to = our recent series of articles on Microsoft product activation. Many = members, frustrated by Microsoft=92s antipiracy techniques, have vowed = to switch their desktop machines to Linux if Microsoft continues its = plans for restriction licensing on Windows and Office XP. While I fully = identify with their frustration, I think that nine out of 10 of the = people who make this claim must have never used Linux on the desktop. If = they had, they would know that Linux still does not offer a common, = viable desktop solution. While Linux servers are rock-solid stable, the Linux desktop is = notoriously buggy and unstable. Key Linux desktop applications such as = StarOffice, WordPerfect, and Netscape Navigator are prone to frequent = crashes. Some Linux distributions and versions have no trouble with = these applications, while others deliver pitiful performance or can=92t = even get them to run. Many of those who attempt to use these = applications will long for the stability and performance of Microsoft = Office and Internet Explorer. I believe that this is mostly due to a = lack of standards between different Linux distributions and desktop = environments. Unfortunately, the Linux desktop is inconsistent across = the different platforms, versions, and GUIs. Thus, it simply isn=92t = ready for prime time yet. The final word When it comes to Linux, I am a realist and not the kind of convert or a = zealot that characterized the early Linux user base. I am the kind of IT = professional that Linux needs to win over in order to build a lasting = niche in this industry. In this article, I=92ve tried to take a sober = look at Linux=92s advantages and disadvantages to help administrators = see through the hype and make sound business decisions when considering = a Linux deployment. ------=_NextPart_000_0175_01C1AA91.B113CFD0--