In this report, I will tell how open source software and Linux can be used to reduce costs in the nature of hardware, software, and operating systems in the long term.
Large corporations have been open source for years and continue to use these operations. Small businesses are beginning to look at Linux or OpenSolaris. Small businesses can use VoIP, because the operating system supports it. The software is free, but people with Red Hat Enterprise Workstation/Server or Suse Enterprise Workstation/server or Ubuntu server purchase contracts for tech support. For best performance, you can use Gnome/KDE on Opensolaris distribution and it’ll run like closed source Solaris 10 would, and why it was popular in the first place. Otherwise, you can run Red Hat Workstation Linux and some commercial mature Windows emulator such as Crossover Linux which costs $39.99 instead of $139 for Windows XP Pro/XP x64/Vista Business/7.0 Business. Then, it is possible for employees to be able to execute Microsoft Office 2007 and other specialized software off their Linux workstations through emulators if need be. Otherwise, Administrators can compile Linux Unified Kernel, Wine v1.0, and integrate it into the Linux operating system manually to run Windows applications at no charge. LUK can run Adobe Photoshop on Linux, not native Linux software. [davidtavarez, 2008][Linux, 2008][ neteasyinc, 2008][Codeweavers, 2008]
Windows Server 2008/2008R2 or Windows Vista/7.0 cost money to purchase the OEM to license tech support. The closed source 3rd party software costs money for GPO tools, because companies who develop for Microsoft are usually trying to make a profit off customers. GNU is a non-profit organization with continuously updated applications, because of endless bug reports from all over the world. The major hardware vendors submit hardware drivers to the Linux kernel team to integrate free of charge. The IBM blade servers have Cell Broadband Engines or Cell-based PPC, and Linux recognizes that RISC CPU. Sometimes Blade Servers can have two CBE and XDR RAM in it. That’s like 7 SPEs and 1 PPE per CBE at 3.2 GHz. It makes these servers very fast. Closed source software won’t recognize CBE yet. There are places like South America and Asia that want affordable PCs and that is part of the reason. Another reason is the Department of Defense, and NASA are funding Linux so that the government can see stability for all their many supercomputers. (IBM, 2006)
With Suse Enterprise Server, you can run Apache software for servers which is open source. This is cheaper than Microsoft IIS to run MySQL. Suse Enterprise also supports DHCP, Postfix, DNS, IMAP, Samba, System Statistics (Uses MRTG), User management, Proxy Server. They serve the same file systems. Personally, I always used ReiserFS over EXT3, because it is noticeably faster than the latter. However, EXT4 file system is out in Suse Enterprise 11, OpenSuse 11.2, Redhat Enterprise 5.3, and Fedora 10 so I recommend workstations switching to that file system later this year. EXT4 is supposed to be the flagship file system of Linux as of either Fedora 10 or kernel 2.6.28 and better Linux so I recommend that best solution for workstations if you have either EXT3 or ReiserFS right now. EXT4 is more stable, faster and less fragmented than NTFS for Windows 6.0. Afterwards, Suse 10.1 switched back to the flagship Linux file system, EXT3 so the administrator had to switch file systems again for a speed boost. ReiserFS can handle a lot of small files better than EXT3 and is as mature as EXT3, because both came out in 2001, not including betas. High performance Linux servers use OCFS2 file system, because it’s faster than ReiserFS or EXT4. OCFS2 isn’t as forgiving as EXT3, EXT4 or ReiserFS when concerning unintentional power offs, is but the best server file system out there not in beta. OCFS is an option in most Linuxes since 2006. OCFS2 has also less latency than NTFS. (oracle, 2008)(devx, 2004),
The installers Linux have now-a-days makes installing a breeze especially the Yast Control Panel in any Suse distribution. The ideal way would involve a small army of technicians to execute this installing on workstations so the secret administrator password may stay secret. Someone should burn a DVD per PC with the passwords and file system instructions on paper. The company should make the employees to split the cost of a DVD spindle, use the Administrator and his network technicians install Linux off the DVDs at the similar times. Either way would save a few $1000 on otherwise buying Microsoft licenses and legit Windows OEM CDs. Pirating would be a type of security fraud holding the company accountable.
A lot of open source software is highly robust at an early stage of development and mature open source projects are setting new industry standards. In comparison closed source software has typically a defect report that needs to be filed and then a delay before the vendor determines when or whether to issue new bug fix. What makes open source better is users aren’t at the mercy of the vendor. The open source developers are pride and kudo driven so they want to have the most robusts software before adding features. The motivation to fix bugs is much higher if the source code is freely available. Another important reason why open source software can reduce costs is the stability. The closed source software can be outdated and assist an task, because if it works then end users aren’t motivated to spend more money to upgrade when it suits their needs. If a software supplier can establish a monopoly, force upgrades, than profits are high. One of the motivations is to add improved file formats and applications that can decode/encode them. Users will feel isolated with older versions. With huge amounts of server space, open source provides source code to compile an old version that is compatible with the business needs. Security holes are filled much quicker, because a third party can audit the vulnerability or exploit and send the reports and easily submit a report and expect a fix within 3 months. The GNU actually claims that Linux has less virus vulnerabilities in security breaches or hack attacks with a commercial firewall, because it is newer than Windows kernel in terms of years. Open Source identifies software that is being attacked, yet unlike closed source code will see vulnerability assessment scanners. Vulnerability assessment scanners look for vulnerabilities in configured systems on purpose. [gbdirect, 2008] [DWheeler, 2008]
In terms of Apache servers, open source software can reverse engineer a draft specification into the real product very quickly outpacing that of closed source developers and business strategy. Apache was used with IBM open source since 1998 and is more popular than Microsoft IIS on a year to year basis. The idea is when these open source projects source code is downloadable, it keeps companies from monopolizing file formats. Open source believes it is more business flexible than closed source software, because it allows any business to download whatever they need instead of having features from commercial software that is less than what the company needs. The company isn’t restrained by the software this way so that it is a specifically-built IT platform. The only over-dependency in open source is the requirement of upgrade to new versions that are more stable, faster, more backwards compatible with data formats. Important projects never die, and any group of programmers can resurrect a project if need be as it is passed on. A lot of how toos are documented at Linux vendors website, official forums, unofficial Linux forums, and vendor’s wikis so there is no shortage of support. Because the source code is freely available, organizations are not limited to obtaining support from the authors. The developers of Apache, MySQL, and high profile projects speak of the amount of high-reliability these software process that tech support isn’t a high profile priority even though the vendor does that job. (IBM, PDF, 2008)
With Linux on System Z mainframes, there is more efficient server platforms increased utilization rate, almost doubling from 36% to 79% compared to Microsoft IIS. Linux would reduce possible scalable servers resulting in power savings. Cutting edge applications, especially web-centric applications, are usually made for Linux first, because it is a product of the Internet. According to IBM virtualization today is more mature on RISC and mainframe platform than x86 servers. If Linux was employed, it would have less server footprints. Linux has better compatibility with unified user management available on RISC and mainframe systems. (IBM, PDF, 2008)
Linux is more compatible with high performance computing workloads. These replaced enterprise workloads. Linux has a 10% year to year growth now which is about 13.4% of worldwide factory server revenue. (IBM, PDF, 2008)
Mainframes like System Z have Integrated Facility for Linux processors to accelerate performance of Linux that runs on their servers resulting in the total number of Linux instances increased compared to Linux without IFL. If your system is still x86 based, IBM’s chiphopper program can provide economic benefits. Although, a business doesn’t really need chiphopper. The PowerVM Lx86 emulator will run x86 Linux programs without source code modification. (IBM, PDF, 2008)
With Linux running on System Z the annual savings for 100 users could be 60% IT infrastructure improvement, 25% user productivity improvement, and 14% IT staff productivity increase. Significant cost saves were realized in terms of power/cooling and space utilization with System Z mainframes. With Linux, the downtime was 53 minutes a year compared to five hours with Windows Server. IT staff were able to optimize resources, increase IT service levels, reduce staffing in datacenters and the help desk. (IBM, PDF, 2008)
Pretty much with the hardware reorganization like Cell Broadband Engine, the free updates, the LUK/Wine emulation and fast file systems over Windows; our company is better off cost, hardware and software wise. Linux will always get better, and with closed software, you never know when it’ll go in reverse as far as stability and functionality. Most likely closed software will be unstable at the beginning of the gone gold date, while open source software has no such limitation.
References
Kerner, S.M. (2004, September 29). UNIX vs. Linux: A Vendor's Perspective.
Retrieved January 10, 2009, from CIOupdate website:
http://www.cioupdate.com/trends/article.php/3414891/UNIX-vs-Linux-A-Vendors-Perspective.htm
Anonymous. (2008). Crossover Linux. Retrieved January 10, 2009, from Codeweavers website:
http://www.codeweavers.com/products/cxlinux/
Anonymous. (2008). Open Source can help reduce Small Business costs in the US
Economy. Retrieved January 10, 2009, from Netasyinc website:
http://neteasyinc.com/news/2008/open-source-solutions-can-help-small-business
Drake, J. D. (2004, April 26). RedHat ES 3.0 vs. SuSE Server 8.0: Battle for the Enterprise.
Retrieved January 10, 2009, from Devx website:
http://www.devx.com/opensource/Article/20840/0/page/3
Anonymous. (2008). OCFS2 [file system].
Retrieved January 09, 2009, from Oracle website:
http://oss.oracle.com/projects/ocfs2/
Anonymous. (2008). Benefits of Using Open Source Software.
Retrieved January 10, 2009, from Devx website:
http://open-source.gbdirect.co.uk/migration/benefit.html
Bozman, J. S., Perry, R., Gillen, A., & Hatcher, E. (2008, October). Adding Business Value with
Cross - Platform Solutions : Linux Running on IBM Servers. FTP: IBM. Retrieved January 9,
2009, from IBM Web site: ftp://ftp.software.ibm.com/linux/pdfs/
IDC-adding_business-value_with_cross-platform_solutions-Linux_on_IBM_Systems.pdf
Anonymous. (1998, December 17?). Secure Programming for Linux and Unix HOWTO.
Retrieved January 10, 2009, from Dwheeler website:
http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html
Anonymous. (2008, December 23). Linux Unified Kernel… a new age of operative systems?.
Retrieved January 10, 2009, from Davidtavarez website:
http://www.davidtavarez.com/archives/linux-unified-kernel-a-new-ag-of-operative-systems/
linooxlee (2008, November 04). Subject: Linux Unified Kernel v0.2.2 is released.
Retrieved January 10, 2009, from Linux website:
http://www.linux.com/forums/topic/3348
Anonymous (2009). developerWorks: Cell Broadband Engine Resource Center.
Retrieved January 10, 2009, from IBM website:
www.ibm.com/developerworks/power/cell/
Sunday, January 20, 2002
Sunday, January 13, 2002
Linux
In this paper, I will cover security precautions, file server, printer server for Windows, Macintosh running on Linux. Then I will do the DHCP services. I will draft the services I plan to implement for this server, the files that need to be configured during deployment.
The security I will need to do this will be putting this hardware in a server closet. I should remove floppy and DVD-ROMs in the workstation computers. Go into the Award Phoenix bios and disable the USB ports so that it is impossible to boot off them. I should add a GRUB password. The nohup updateb & command by itself will keep services running in the background as the administrator closes the terminal. With the Plymouth installer (replaced RHGB since Fedora 9), check encrypt with file system to activate encrypting file system. I can use the Sudo command to kill processes without having to use su to switch to root account. The su command could compensate security of your server. I should reduce the number of network services for my company to prevent buffer overruns. The nmap –sT server1 command will list any services running on the server. You can detect crackers with intrusion detection system (IDS) programs, including Advanced Intrusion Detection Environment, Integrity Checking Unity, PortSentry, Snort, Linux Intrusion Detection System, and Simple WATCHer. AIDE would be an alternative to tripwire with added functionality. ICU will work with AIDE to check for integrity. PortSentry monitors traffic on ports to see if it has been probed. LIDS will modify the Linux kernel to increase process and file security so the system would detect a breach. Simple WATCHer monitors log files and alerts administrators. Physical securities I will endorse are locked doors with security badge access to the server room, server cages, and electronic access control for every room that is IT related. For encrypting file system, the IT department needs either Truecrypt or EcryptFS. If Truecrypt is the decision, then Truecrypt will encode an encrypting file system. On the other hand, EncryptFS will store metadata of each file if there is no hardware encryption. EncryptFS is stackable. Truecrypt has AES, Serpent and Twofish algorithms with RIPEMD-160, SHA-512 and Whirlpool hashes. Finally, I would add a Cisco firewall up to it and add CipherOpics CyperEngine for the router so all outgoing information is encrypted. (Linux+, pg 674-676, 680-81, 2006) (Truecrypt, 2009) (EncryptFS, 2009) (Devx, 2008) (routers, 2008) (phoronix, 2008)
For firewall services, Fedora 10 has a Red Hat firewall application under the System , Administration in the upper left hand corner of Gnome. The first list you see is called trusted services and you check the proper ones like IPP, DNS, Samba, Samba Client, The next list is trusted miscellaneous ports. Don't forget to set Default configuration to Server, because desktop is highlighted on first execution. There is a ICMP filter in Firewall Configuration to send error messages. You can create a blacklist in it easily. Older versions of Linux have IPtables where you can set up which IP addresses pass thru and drop the rest IF the administrator wishes to have access to the 192.168.1.0 network. He/she needs to add iptables –f. Next line: Iptables –P FORWARD Drop, Third line: iptables –a FORWARD –s 192.168.1.0/24 –j ACCEPT. Now that network is accessed, but all other networks are blocked. (Linux+, pg 672-673, 2006)
For the print server, I would use common UNIX printing system (CUPS), because it is newer than some others and allows a computer to act as a print server. Fedora uses CUPS as default print system. In Gnome it is managed by the CUPS manager and taskbar where you can delete print jobs. KDE Print is a CUPS front end too.
To create a CUPS server, first use the Lpstat command to see if any print servers are available which there aren’t, but this command is handy if there are print servers available. To create a print job use lp –d printer1 /etc/inittab. The –d will specify the distribution printer.
More options of lp
Description(Linux+, pg 477, 2006)
-d
Destination
-I
Specifies the ID to modify
-n
Number of pages
-o
Sides – sets if it should be two-sided short edge or two-sided long edge
-q
Specifies the print job priority.
More options of lpstat
Description (Linux+, pg 478, 2006)
-a
Displays a list of all printers that are accepting jobs
-d
Displays the default destination printer
-o printer name
Displays the print jobs in the print queue
-p
Displays a list of printers that are enabled
-r
Shows whether the cups daemon is running
-t
Shows all information about printers and their print jobs
Other commands are cancel followed by the IDs to remove jobs. (Cancel p1-1 p1-2) To remove all jobs there is the –u command. I can restrict users with the lpadmin command. (lpadmin –u allow:root, user1 –u deny:all –d printer 1) The Lpr command is used to print documents to the queue. The lpq is to view the print documents in progress. The lprm command is to remove print jobs. (Linux+, pp 474-478, 2006)
If you need an user interface, there is the Printer Configuration Tool in Linux. Use it to browse queues of CUPS origin. Secondly, in the ‘Add a queue name’ dialog box, add the name of the printer (printer1) and short description. Thirdly, click Forward button to specify the queue type of the new printer and the administrator will select CUPS (IPP) from the drop down menu. Fourthly, use raw print queue (you can try postscript later, but first try raw print queue for compatibility). Click Finished. Finally, click on the new option such as “Printer 1” in Printer Configuration tool and when sharing properties named window comes up, select “This queue is available to all other computers” in the Queue tab. Check the box where it says Automatically find remote shared queues in the General Tab. (Linux+, pg 480-482, 2006)
To allow Windows to be compatible with CUPS, you must install Adobe driver from their website. I will be using the Adobe driver for this paper. To use the CUPS driver, go to Add Printer in Control Panel and select Connect to a Printer on the Internet option. When you see a textbox, copy and paste the URL of printer queue such as http://hostname:/631/printers/Printername. Don’t use Generic PostScript Printer, but browse for the /etc/cups/ppd/PrinterQueneName.ppd. To add Windows support for CUPS, you must install the extracted cups-windows-6.0-1.i386.rpm driver to the /usr/share/cups/drivers directory and cups-windows-6.0-1.x86-64.rpm 64-bit drivers to the /usr/share/cups/drivers/ directory. The Windows cups can be downloaded off of http://www.cups.org/software.php. All Windows machines Windows 2000 or above will be backwards-compatible with CUPs post script. Apple had CUPS integrated into MAC OS 10 since 2002. (Owlfish, 2003) (Linux+, pg 478-483, 2006) (CUPS, 2009)
Linux users are supposed to go in Printer Configuration box and select the Printer 1 Queue available. In Windows, click on Add Printer in Control Panel than go down to option “connect to a printer on the Internet.” Use the URL http://hostname:631/printers/RawPrinterQuetename. When completed, the administrator will be able to have print server in windows from a Linux OS. (Owlfish, 2003)
To connect MAC OS 10 to a print server, first select the Print & Fax pane in the System Preferences. Secondly, in MAC OS 10.4, it is only a + icon, but in MAC OS 10.3, there is a Set up Printer at the top of the Window. Thirdly, IN Mac OS 10.3, click the IP Printing from the drop down menu whereas in MAC OS 10.4, click on IP Printer in the Print Browser window. Fourthly, both MAC OS 10.3 and 10.4, select the IPP Option. Fifthly, type in the hostname. Sixth, you’re supposed to type in the Queue field, the IP address. (RIT, 2006) (Danka, 2002)
The Samba file server supports Windows and MAC OS 10. Samba file server will allow Windows users to drag and drop files on a Linux server. Since Fedora 8, Samba is packaged with the OS. First, the administrator has to enable network activity to the SAMBA server. Enable the Ethernet device in Network Configuration Tool. Secondly, the administrator needs to update firewall settings so the Samba server is trusted. In Fedora, click on Security level in System Settings or “system-config-securitylevel”. Aft wards select the Ethernet card so it is a trusted device. Thirdly, configure the Service Configuration so that smb is enabled. Fourthly, logins should be configured. To do this, create user logins using the Gnome User Manager too. There is also a shortcut command, system-config-users. Add users as you need and then think about what directories you will need to access in the SAMBA server. Fifthly, I will need to configure a SAMBA server. This can be done by opening SAMBA inside Server Settings. This will make changes to a file called smb.conf in /etc/samba. From the menu, choose Server Settings than Samba. When the application loads, please press the preference menu and server settings. Use the Windows workgroup name. The authentication mode should be user if the logins are Microsoft ADS. Sixthly, you must add users to it with the Preference menu and the Samba user item. Eighth, add a shared folder by clicking on the add button using the SAMBA services configuration window with one shared directory. Ninth, the administrator will reboot the SAMBA services by clicking from the menu, System Services, Server Settings, and then Services submenu to open Service Configuration window. From there is a restart icon. In the tenth step, the administrator will be in Windows. This can be accessed by the Start menu, run command. Type in \\linuxserver.test.org (plan A) or \\10.2.2.3 (the ip address is plan B). The eleventh step should be signing in with one of the names created in SAMBA in the Server login Window. Once this is done, there should be a SAMBA window in there. (reallylinux, 2006) (Linux+, pg 664 -665, 2006)
To connect a MAC OS 10 PC to a SAMBA Linux server, the user needs to hit Apple key + K key to bring up a server address dialog box. Secondly, the user will need to type in smb://10.2.2.3 in the textbox. Third, you select your SMB mount. Fourth, the user will add the Windows Workgroup name which doubles as Samba workgroup name in the first box, and your username and password in the second and third textboxes. To disconnect from Samba, you should press CTRL+Click (mouse) and then click on Eject text on the dropdown menu of *directory in question*. (techrepublic, 2008) (Linux+, pg 664 -665, 2006)
The server will need Apache web server to host a web site listing company information. Apache is the most popular web server in the world. Apache web server has been included with Fedora for at least 2 years now so it should be on my Installation DVD. If Apache is already installed I would type in the terminal, rpm –q httpd. If some like http-1.7.1-7.2.fc10 shows up in the terminal than Apache is already installed. The administrator should have included it from the installation DVD, but if for some reason he/she wants the latest version, I found how to install and configure Apache web server. In the terminal, you should type su – install http. Launch to see the status of the Apache web server type su - /sbin/service httpd status in the terminal. To start Apache when the system boots add /sbin/chkconfig –level 3 httpd on. (howtoforge, 2008) (Linux+, pg 663, 2006) (Techotopia, 2007)
Now I am about to configure the Apache server for the domain name. Open up a text editor such as Gedit in Linux and edit the httpd.conf file in the etc/httpd directory. First type ServerAdmin webmaster@myexample.com with serverAdmin as your real name. Next, type in Servername myexample.com with the server name as the real name. Afterwards define where the web site files are going to be located with the documentroot command. An example would be DocumentRoot /var/www/myexample.com. I would create a html file with Open Office or Gedit and save as index.html in the /var/www/Myexample.com directory. The final step would be restart the server by using su - /sbin/service httpd restart. (howtoforge, 2008) (Linux+, pg 663, 2006) (Techotopia, 2007)
Commands for Apache
Description (Linux+, pg 663, 2006)
Listen 80
Specifies that the Apache daemon will listen to HTTP on port 80.
Servername server1.class.com
Specifies that the name of the local server is server1.class.com
DocumentRoot “/var/www/html”
Specifies that the document root directory is /var/www/html
Directoryindex index.html
Specifies that the index.html file in the document root directory will be sent to clients
Errorlog /var/log/httpd/error_log
Specifies that all Apache daemon messages will be written to the /va/log/httpd/error_log file.
MaxClients 150
Sets the maximum number of simultaneous requests to 150.
User apache
Specifies that the Apache daemon will run as a apache local user account
Group Apache
Specifies that the Apache daemon will run as a apache group user account
To get DHCP operating in Fedora 10, the packages should already be on the installation DVD and otherwise go to the URL http://download.fedora.redhat.com/pub/fedora/linux/releases/10/Everything/x86_64/os/Packages/ and search for DHCP-4.0.0-30.fc10.x86_64.rpm and dhclient-4.0.0-30.fc10.x86_64.rpm. Secondly, the next set of directions is if for any reason the DHCP files weren’t installable from the installation DVD or that version is too outdated. Third, you type $./configure $make. Fourth type in $ sudo make install in the terminal. . Fifth, once the DCHP program is compiled in GCC, now I should type in sudo cp server/dhcp.conf /etc. Sixth, you must configure the settings to match my system settings. Seventh, for help on configuration options, type in man dhcp-options in the terminal. Eighth, in the terminal type in sudo touch /var/lib/dhcp/dhcp.leases to get your configure checked for human errors. Ninth, the administrator is allowed to activate DHCP by typing in the terminal: $ sudo chkconfig --level 35 dhcpd on. Finally, the administrator will need to restart the DHCP by typing in the terminal: $ /etc/init.d/dhcp restart. (askdavidtaylor, 2006) (Linux+, pg 662, 2006)
After all this, the server and workstations should be secure and ready to go. I did Windows, MAC OS 10, and Linux to the Fedora print servers, I logged Windows, Linux, and MAC OS 10 to the file server.
The security I will need to do this will be putting this hardware in a server closet. I should remove floppy and DVD-ROMs in the workstation computers. Go into the Award Phoenix bios and disable the USB ports so that it is impossible to boot off them. I should add a GRUB password. The nohup updateb & command by itself will keep services running in the background as the administrator closes the terminal. With the Plymouth installer (replaced RHGB since Fedora 9), check encrypt with file system to activate encrypting file system. I can use the Sudo command to kill processes without having to use su to switch to root account. The su command could compensate security of your server. I should reduce the number of network services for my company to prevent buffer overruns. The nmap –sT server1 command will list any services running on the server. You can detect crackers with intrusion detection system (IDS) programs, including Advanced Intrusion Detection Environment, Integrity Checking Unity, PortSentry, Snort, Linux Intrusion Detection System, and Simple WATCHer. AIDE would be an alternative to tripwire with added functionality. ICU will work with AIDE to check for integrity. PortSentry monitors traffic on ports to see if it has been probed. LIDS will modify the Linux kernel to increase process and file security so the system would detect a breach. Simple WATCHer monitors log files and alerts administrators. Physical securities I will endorse are locked doors with security badge access to the server room, server cages, and electronic access control for every room that is IT related. For encrypting file system, the IT department needs either Truecrypt or EcryptFS. If Truecrypt is the decision, then Truecrypt will encode an encrypting file system. On the other hand, EncryptFS will store metadata of each file if there is no hardware encryption. EncryptFS is stackable. Truecrypt has AES, Serpent and Twofish algorithms with RIPEMD-160, SHA-512 and Whirlpool hashes. Finally, I would add a Cisco firewall up to it and add CipherOpics CyperEngine for the router so all outgoing information is encrypted. (Linux+, pg 674-676, 680-81, 2006) (Truecrypt, 2009) (EncryptFS, 2009) (Devx, 2008) (routers, 2008) (phoronix, 2008)
For firewall services, Fedora 10 has a Red Hat firewall application under the System , Administration in the upper left hand corner of Gnome. The first list you see is called trusted services and you check the proper ones like IPP, DNS, Samba, Samba Client, The next list is trusted miscellaneous ports. Don't forget to set Default configuration to Server, because desktop is highlighted on first execution. There is a ICMP filter in Firewall Configuration to send error messages. You can create a blacklist in it easily. Older versions of Linux have IPtables where you can set up which IP addresses pass thru and drop the rest IF the administrator wishes to have access to the 192.168.1.0 network. He/she needs to add iptables –f. Next line: Iptables –P FORWARD Drop, Third line: iptables –a FORWARD –s 192.168.1.0/24 –j ACCEPT. Now that network is accessed, but all other networks are blocked. (Linux+, pg 672-673, 2006)
For the print server, I would use common UNIX printing system (CUPS), because it is newer than some others and allows a computer to act as a print server. Fedora uses CUPS as default print system. In Gnome it is managed by the CUPS manager and taskbar where you can delete print jobs. KDE Print is a CUPS front end too.
To create a CUPS server, first use the Lpstat command to see if any print servers are available which there aren’t, but this command is handy if there are print servers available. To create a print job use lp –d printer1 /etc/inittab. The –d will specify the distribution printer.
More options of lp
Description(Linux+, pg 477, 2006)
-d
Destination
-I
Specifies the ID to modify
-n
Number of pages
-o
Sides – sets if it should be two-sided short edge or two-sided long edge
-q
Specifies the print job priority.
More options of lpstat
Description (Linux+, pg 478, 2006)
-a
Displays a list of all printers that are accepting jobs
-d
Displays the default destination printer
-o printer name
Displays the print jobs in the print queue
-p
Displays a list of printers that are enabled
-r
Shows whether the cups daemon is running
-t
Shows all information about printers and their print jobs
Other commands are cancel followed by the IDs to remove jobs. (Cancel p1-1 p1-2) To remove all jobs there is the –u command. I can restrict users with the lpadmin command. (lpadmin –u allow:root, user1 –u deny:all –d printer 1) The Lpr command is used to print documents to the queue. The lpq is to view the print documents in progress. The lprm command is to remove print jobs. (Linux+, pp 474-478, 2006)
If you need an user interface, there is the Printer Configuration Tool in Linux. Use it to browse queues of CUPS origin. Secondly, in the ‘Add a queue name’ dialog box, add the name of the printer (printer1) and short description. Thirdly, click Forward button to specify the queue type of the new printer and the administrator will select CUPS (IPP) from the drop down menu. Fourthly, use raw print queue (you can try postscript later, but first try raw print queue for compatibility). Click Finished. Finally, click on the new option such as “Printer 1” in Printer Configuration tool and when sharing properties named window comes up, select “This queue is available to all other computers” in the Queue tab. Check the box where it says Automatically find remote shared queues in the General Tab. (Linux+, pg 480-482, 2006)
To allow Windows to be compatible with CUPS, you must install Adobe driver from their website. I will be using the Adobe driver for this paper. To use the CUPS driver, go to Add Printer in Control Panel and select Connect to a Printer on the Internet option. When you see a textbox, copy and paste the URL of printer queue such as http://hostname:/631/printers/Printername. Don’t use Generic PostScript Printer, but browse for the /etc/cups/ppd/PrinterQueneName.ppd. To add Windows support for CUPS, you must install the extracted cups-windows-6.0-1.i386.rpm driver to the /usr/share/cups/drivers directory and cups-windows-6.0-1.x86-64.rpm 64-bit drivers to the /usr/share/cups/drivers/ directory. The Windows cups can be downloaded off of http://www.cups.org/software.php. All Windows machines Windows 2000 or above will be backwards-compatible with CUPs post script. Apple had CUPS integrated into MAC OS 10 since 2002. (Owlfish, 2003) (Linux+, pg 478-483, 2006) (CUPS, 2009)
Linux users are supposed to go in Printer Configuration box and select the Printer 1 Queue available. In Windows, click on Add Printer in Control Panel than go down to option “connect to a printer on the Internet.” Use the URL http://hostname:631/printers/RawPrinterQuetename. When completed, the administrator will be able to have print server in windows from a Linux OS. (Owlfish, 2003)
To connect MAC OS 10 to a print server, first select the Print & Fax pane in the System Preferences. Secondly, in MAC OS 10.4, it is only a + icon, but in MAC OS 10.3, there is a Set up Printer at the top of the Window. Thirdly, IN Mac OS 10.3, click the IP Printing from the drop down menu whereas in MAC OS 10.4, click on IP Printer in the Print Browser window. Fourthly, both MAC OS 10.3 and 10.4, select the IPP Option. Fifthly, type in the hostname. Sixth, you’re supposed to type in the Queue field, the IP address. (RIT, 2006) (Danka, 2002)
The Samba file server supports Windows and MAC OS 10. Samba file server will allow Windows users to drag and drop files on a Linux server. Since Fedora 8, Samba is packaged with the OS. First, the administrator has to enable network activity to the SAMBA server. Enable the Ethernet device in Network Configuration Tool. Secondly, the administrator needs to update firewall settings so the Samba server is trusted. In Fedora, click on Security level in System Settings or “system-config-securitylevel”. Aft wards select the Ethernet card so it is a trusted device. Thirdly, configure the Service Configuration so that smb is enabled. Fourthly, logins should be configured. To do this, create user logins using the Gnome User Manager too. There is also a shortcut command, system-config-users. Add users as you need and then think about what directories you will need to access in the SAMBA server. Fifthly, I will need to configure a SAMBA server. This can be done by opening SAMBA inside Server Settings. This will make changes to a file called smb.conf in /etc/samba. From the menu, choose Server Settings than Samba. When the application loads, please press the preference menu and server settings. Use the Windows workgroup name. The authentication mode should be user if the logins are Microsoft ADS. Sixthly, you must add users to it with the Preference menu and the Samba user item. Eighth, add a shared folder by clicking on the add button using the SAMBA services configuration window with one shared directory. Ninth, the administrator will reboot the SAMBA services by clicking from the menu, System Services, Server Settings, and then Services submenu to open Service Configuration window. From there is a restart icon. In the tenth step, the administrator will be in Windows. This can be accessed by the Start menu, run command. Type in \\linuxserver.test.org (plan A) or \\10.2.2.3 (the ip address is plan B). The eleventh step should be signing in with one of the names created in SAMBA in the Server login Window. Once this is done, there should be a SAMBA window in there. (reallylinux, 2006) (Linux+, pg 664 -665, 2006)
To connect a MAC OS 10 PC to a SAMBA Linux server, the user needs to hit Apple key + K key to bring up a server address dialog box. Secondly, the user will need to type in smb://10.2.2.3 in the textbox. Third, you select your SMB mount. Fourth, the user will add the Windows Workgroup name which doubles as Samba workgroup name in the first box, and your username and password in the second and third textboxes. To disconnect from Samba, you should press CTRL+Click (mouse) and then click on Eject text on the dropdown menu of *directory in question*. (techrepublic, 2008) (Linux+, pg 664 -665, 2006)
The server will need Apache web server to host a web site listing company information. Apache is the most popular web server in the world. Apache web server has been included with Fedora for at least 2 years now so it should be on my Installation DVD. If Apache is already installed I would type in the terminal, rpm –q httpd. If some like http-1.7.1-7.2.fc10 shows up in the terminal than Apache is already installed. The administrator should have included it from the installation DVD, but if for some reason he/she wants the latest version, I found how to install and configure Apache web server. In the terminal, you should type su – install http. Launch to see the status of the Apache web server type su - /sbin/service httpd status in the terminal. To start Apache when the system boots add /sbin/chkconfig –level 3 httpd on. (howtoforge, 2008) (Linux+, pg 663, 2006) (Techotopia, 2007)
Now I am about to configure the Apache server for the domain name. Open up a text editor such as Gedit in Linux and edit the httpd.conf file in the etc/httpd directory. First type ServerAdmin webmaster@myexample.com with serverAdmin as your real name. Next, type in Servername myexample.com with the server name as the real name. Afterwards define where the web site files are going to be located with the documentroot command. An example would be DocumentRoot /var/www/myexample.com. I would create a html file with Open Office or Gedit and save as index.html in the /var/www/Myexample.com directory. The final step would be restart the server by using su - /sbin/service httpd restart. (howtoforge, 2008) (Linux+, pg 663, 2006) (Techotopia, 2007)
Commands for Apache
Description (Linux+, pg 663, 2006)
Listen 80
Specifies that the Apache daemon will listen to HTTP on port 80.
Servername server1.class.com
Specifies that the name of the local server is server1.class.com
DocumentRoot “/var/www/html”
Specifies that the document root directory is /var/www/html
Directoryindex index.html
Specifies that the index.html file in the document root directory will be sent to clients
Errorlog /var/log/httpd/error_log
Specifies that all Apache daemon messages will be written to the /va/log/httpd/error_log file.
MaxClients 150
Sets the maximum number of simultaneous requests to 150.
User apache
Specifies that the Apache daemon will run as a apache local user account
Group Apache
Specifies that the Apache daemon will run as a apache group user account
To get DHCP operating in Fedora 10, the packages should already be on the installation DVD and otherwise go to the URL http://download.fedora.redhat.com/pub/fedora/linux/releases/10/Everything/x86_64/os/Packages/ and search for DHCP-4.0.0-30.fc10.x86_64.rpm and dhclient-4.0.0-30.fc10.x86_64.rpm. Secondly, the next set of directions is if for any reason the DHCP files weren’t installable from the installation DVD or that version is too outdated. Third, you type $./configure $make. Fourth type in $ sudo make install in the terminal. . Fifth, once the DCHP program is compiled in GCC, now I should type in sudo cp server/dhcp.conf /etc. Sixth, you must configure the settings to match my system settings. Seventh, for help on configuration options, type in man dhcp-options in the terminal. Eighth, in the terminal type in sudo touch /var/lib/dhcp/dhcp.leases to get your configure checked for human errors. Ninth, the administrator is allowed to activate DHCP by typing in the terminal: $ sudo chkconfig --level 35 dhcpd on. Finally, the administrator will need to restart the DHCP by typing in the terminal: $ /etc/init.d/dhcp restart. (askdavidtaylor, 2006) (Linux+, pg 662, 2006)
After all this, the server and workstations should be secure and ready to go. I did Windows, MAC OS 10, and Linux to the Fedora print servers, I logged Windows, Linux, and MAC OS 10 to the file server.
Thursday, January 10, 2002
Linux 2
In this report, I will tell how open source software and Linux can be used to reduce costs in the nature of hardware, software, and operating systems in the long term.
Large corporations have been open source for years and continue to use these operations. Small businesses are beginning to look at Linux or OpenSolaris. Small businesses can use VoIP, because the operating system supports it. The software is free, but people with Red Hat Enterprise Workstation/Server or Suse Enterprise Workstation/server or Ubuntu server purchase contracts for tech support. For best performance, you can use Gnome/KDE on Opensolaris distribution and it’ll run like closed source Solaris 10 would, and why it was popular in the first place. Otherwise, you can run Red Hat Workstation Linux and some commercial mature Windows emulator such as Crossover Linux which costs $39.99 instead of $139 for Windows XP Pro/XP x64/Vista Business/7.0 Business. Then, it is possible for employees to be able to execute Microsoft Office 2007 and other specialized software off their Linux workstations through emulators if need be. Otherwise, Administrators can compile Linux Unified Kernel, Wine v1.0, and integrate it into the Linux operating system manually to run Windows applications at no charge. LUK can run Adobe Photoshop on Linux, not native Linux software. [davidtavarez, 2008][Linux, 2008][ neteasyinc, 2008][Codeweavers, 2008]
Windows Server 2008/2008R2 or Windows Vista/7.0 cost money to purchase the OEM to license tech support. The closed source 3rd party software costs money for GPO tools, because companies who develop for Microsoft are usually trying to make a profit off customers. GNU is a non-profit organization with continuously updated applications, because of endless bug reports from all over the world. The major hardware vendors submit hardware drivers to the Linux kernel team to integrate free of charge. The IBM blade servers have Cell Broadband Engines or Cell-based PPC, and Linux recognizes that RISC CPU. Sometimes Blade Servers can have two CBE and XDR RAM in it. That’s like 7 SPEs and 1 PPE per CBE at 3.2 GHz. It makes these servers very fast. Closed source software won’t recognize CBE yet. There are places like South America and Asia that want affordable PCs and that is part of the reason. Another reason is the Department of Defense, and NASA are funding Linux so that the government can see stability for all their many supercomputers. (IBM, 2006)
With Suse Enterprise Server, you can run Apache software for servers which is open source. This is cheaper than Microsoft IIS to run MySQL. Suse Enterprise also supports DHCP, Postfix, DNS, IMAP, Samba, System Statistics (Uses MRTG), User management, Proxy Server. They serve the same file systems. Personally, I always used ReiserFS over EXT3, because it is noticeably faster than the latter. However, EXT4 file system is out in Suse Enterprise 11, OpenSuse 11.2, Redhat Enterprise 5.3, and Fedora 10 so I recommend workstations switching to that file system later this year. EXT4 is supposed to be the flagship file system of Linux as of either Fedora 10 or kernel 2.6.28 and better Linux so I recommend that best solution for workstations if you have either EXT3 or ReiserFS right now. EXT4 is more stable, faster and less fragmented than NTFS for Windows 6.0. Afterwards, Suse 10.1 switched back to the flagship Linux file system, EXT3 so the administrator had to switch file systems again for a speed boost. ReiserFS can handle a lot of small files better than EXT3 and is as mature as EXT3, because both came out in 2001, not including betas. High performance Linux servers use OCFS2 file system, because it’s faster than ReiserFS or EXT4. OCFS2 isn’t as forgiving as EXT3, EXT4 or ReiserFS when concerning unintentional power offs, is but the best server file system out there not in beta. OCFS is an option in most Linuxes since 2006. OCFS2 has also less latency than NTFS. (oracle, 2008)(devx, 2004),
The installers Linux have now-a-days makes installing a breeze especially the Yast Control Panel in any Suse distribution. The ideal way would involve a small army of technicians to execute this installing on workstations so the secret administrator password may stay secret. Someone should burn a DVD per PC with the passwords and file system instructions on paper. The company should make the employees to split the cost of a DVD spindle, use the Administrator and his network technicians install Linux off the DVDs at the similar times. Either way would save a few $1000 on otherwise buying Microsoft licenses and legit Windows OEM CDs. Pirating would be a type of security fraud holding the company accountable.
A lot of open source software is highly robust at an early stage of development and mature open source projects are setting new industry standards. In comparison closed source software has typically a defect report that needs to be filed and then a delay before the vendor determines when or whether to issue new bug fix. What makes open source better is users aren’t at the mercy of the vendor. The open source developers are pride and kudo driven so they want to have the most robusts software before adding features. The motivation to fix bugs is much higher if the source code is freely available. Another important reason why open source software can reduce costs is the stability. The closed source software can be outdated and assist an task, because if it works then end users aren’t motivated to spend more money to upgrade when it suits their needs. If a software supplier can establish a monopoly, force upgrades, than profits are high. One of the motivations is to add improved file formats and applications that can decode/encode them. Users will feel isolated with older versions. With huge amounts of server space, open source provides source code to compile an old version that is compatible with the business needs. Security holes are filled much quicker, because a third party can audit the vulnerability or exploit and send the reports and easily submit a report and expect a fix within 3 months. The GNU actually claims that Linux has less virus vulnerabilities in security breaches or hack attacks with a commercial firewall, because it is newer than Windows kernel in terms of years. Open Source identifies software that is being attacked, yet unlike closed source code will see vulnerability assessment scanners. Vulnerability assessment scanners look for vulnerabilities in configured systems on purpose. [gbdirect, 2008] [DWheeler, 2008]
In terms of Apache servers, open source software can reverse engineer a draft specification into the real product very quickly outpacing that of closed source developers and business strategy. Apache was used with IBM open source since 1998 and is more popular than Microsoft IIS on a year to year basis. The idea is when these open source projects source code is downloadable, it keeps companies from monopolizing file formats. Open source believes it is more business flexible than closed source software, because it allows any business to download whatever they need instead of having features from commercial software that is less than what the company needs. The company isn’t restrained by the software this way so that it is a specifically-built IT platform. The only over-dependency in open source is the requirement of upgrade to new versions that are more stable, faster, more backwards compatible with data formats. Important projects never die, and any group of programmers can resurrect a project if need be as it is passed on. A lot of how toos are documented at Linux vendors website, official forums, unofficial Linux forums, and vendor’s wikis so there is no shortage of support. Because the source code is freely available, organizations are not limited to obtaining support from the authors. The developers of Apache, MySQL, and high profile projects speak of the amount of high-reliability these software process that tech support isn’t a high profile priority even though the vendor does that job. (IBM, PDF, 2008)
With Linux on System Z mainframes, there is more efficient server platforms increased utilization rate, almost doubling from 36% to 79% compared to Microsoft IIS. Linux would reduce possible scalable servers resulting in power savings. Cutting edge applications, especially web-centric applications, are usually made for Linux first, because it is a product of the Internet. According to IBM virtualization today is more mature on RISC and mainframe platform than x86 servers. If Linux was employed, it would have less server footprints. Linux has better compatibility with unified user management available on RISC and mainframe systems. (IBM, PDF, 2008)
Linux is more compatible with high performance computing workloads. These replaced enterprise workloads. Linux has a 10% year to year growth now which is about 13.4% of worldwide factory server revenue. (IBM, PDF, 2008)
Mainframes like System Z have Integrated Facility for Linux processors to accelerate performance of Linux that runs on their servers resulting in the total number of Linux instances increased compared to Linux without IFL. If your system is still x86 based, IBM’s chiphopper program can provide economic benefits. Although, a business doesn’t really need chiphopper. The PowerVM Lx86 emulator will run x86 Linux programs without source code modification. (IBM, PDF, 2008)
With Linux running on System Z the annual savings for 100 users could be 60% IT infrastructure improvement, 25% user productivity improvement, and 14% IT staff productivity increase. Significant cost saves were realized in terms of power/cooling and space utilization with System Z mainframes. With Linux, the downtime was 53 minutes a year compared to five hours with Windows Server. IT staff were able to optimize resources, increase IT service levels, reduce staffing in datacenters and the help desk. (IBM, PDF, 2008)
Pretty much with the hardware reorganization like Cell Broadband Engine, the free updates, the LUK/Wine emulation and fast file systems over Windows; our company is better off cost, hardware and software wise. Linux will always get better, and with closed software, you never know when it’ll go in reverse as far as stability and functionality. Most likely closed software will be unstable at the beginning of the gone gold date, while open source software has no such limitation.
References
Kerner, S.M. (2004, September 29). UNIX vs. Linux: A Vendor's Perspective.
Retrieved January 10, 2009, from CIOupdate website:
http://www.cioupdate.com/trends/article.php/3414891/UNIX-vs-Linux-A-Vendors-Perspective.htm
Anonymous. (2008). Crossover Linux. Retrieved January 10, 2009, from Codeweavers website:
http://www.codeweavers.com/products/cxlinux/
Anonymous. (2008). Open Source can help reduce Small Business costs in the US
Economy. Retrieved January 10, 2009, from Netasyinc website:
http://neteasyinc.com/news/2008/open-source-solutions-can-help-small-business
Drake, J. D. (2004, April 26). RedHat ES 3.0 vs. SuSE Server 8.0: Battle for the Enterprise.
Retrieved January 10, 2009, from Devx website:
http://www.devx.com/opensource/Article/20840/0/page/3
Anonymous. (2008). OCFS2 [file system].
Retrieved January 09, 2009, from Oracle website:
http://oss.oracle.com/projects/ocfs2/
Anonymous. (2008). Benefits of Using Open Source Software.
Retrieved January 10, 2009, from Devx website:
http://open-source.gbdirect.co.uk/migration/benefit.html
Bozman, J. S., Perry, R., Gillen, A., & Hatcher, E. (2008, October). Adding Business Value with
Cross - Platform Solutions : Linux Running on IBM Servers. FTP: IBM. Retrieved January 9,
2009, from IBM Web site: ftp://ftp.software.ibm.com/linux/pdfs/
IDC-adding_business-value_with_cross-platform_solutions-Linux_on_IBM_Systems.pdf
Anonymous. (1998, December 17?). Secure Programming for Linux and Unix HOWTO.
Retrieved January 10, 2009, from Dwheeler website:
http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html
Anonymous. (2008, December 23). Linux Unified Kernel… a new age of operative systems?.
Retrieved January 10, 2009, from Davidtavarez website:
http://www.davidtavarez.com/archives/linux-unified-kernel-a-new-ag-of-operative-systems/
linooxlee (2008, November 04). Subject: Linux Unified Kernel v0.2.2 is released.
Retrieved January 10, 2009, from Linux website:
http://www.linux.com/forums/topic/3348
Anonymous (2009). developerWorks: Cell Broadband Engine Resource Center.
Retrieved January 10, 2009, from IBM website:
www.ibm.com/developerworks/power/cell/
Large corporations have been open source for years and continue to use these operations. Small businesses are beginning to look at Linux or OpenSolaris. Small businesses can use VoIP, because the operating system supports it. The software is free, but people with Red Hat Enterprise Workstation/Server or Suse Enterprise Workstation/server or Ubuntu server purchase contracts for tech support. For best performance, you can use Gnome/KDE on Opensolaris distribution and it’ll run like closed source Solaris 10 would, and why it was popular in the first place. Otherwise, you can run Red Hat Workstation Linux and some commercial mature Windows emulator such as Crossover Linux which costs $39.99 instead of $139 for Windows XP Pro/XP x64/Vista Business/7.0 Business. Then, it is possible for employees to be able to execute Microsoft Office 2007 and other specialized software off their Linux workstations through emulators if need be. Otherwise, Administrators can compile Linux Unified Kernel, Wine v1.0, and integrate it into the Linux operating system manually to run Windows applications at no charge. LUK can run Adobe Photoshop on Linux, not native Linux software. [davidtavarez, 2008][Linux, 2008][ neteasyinc, 2008][Codeweavers, 2008]
Windows Server 2008/2008R2 or Windows Vista/7.0 cost money to purchase the OEM to license tech support. The closed source 3rd party software costs money for GPO tools, because companies who develop for Microsoft are usually trying to make a profit off customers. GNU is a non-profit organization with continuously updated applications, because of endless bug reports from all over the world. The major hardware vendors submit hardware drivers to the Linux kernel team to integrate free of charge. The IBM blade servers have Cell Broadband Engines or Cell-based PPC, and Linux recognizes that RISC CPU. Sometimes Blade Servers can have two CBE and XDR RAM in it. That’s like 7 SPEs and 1 PPE per CBE at 3.2 GHz. It makes these servers very fast. Closed source software won’t recognize CBE yet. There are places like South America and Asia that want affordable PCs and that is part of the reason. Another reason is the Department of Defense, and NASA are funding Linux so that the government can see stability for all their many supercomputers. (IBM, 2006)
With Suse Enterprise Server, you can run Apache software for servers which is open source. This is cheaper than Microsoft IIS to run MySQL. Suse Enterprise also supports DHCP, Postfix, DNS, IMAP, Samba, System Statistics (Uses MRTG), User management, Proxy Server. They serve the same file systems. Personally, I always used ReiserFS over EXT3, because it is noticeably faster than the latter. However, EXT4 file system is out in Suse Enterprise 11, OpenSuse 11.2, Redhat Enterprise 5.3, and Fedora 10 so I recommend workstations switching to that file system later this year. EXT4 is supposed to be the flagship file system of Linux as of either Fedora 10 or kernel 2.6.28 and better Linux so I recommend that best solution for workstations if you have either EXT3 or ReiserFS right now. EXT4 is more stable, faster and less fragmented than NTFS for Windows 6.0. Afterwards, Suse 10.1 switched back to the flagship Linux file system, EXT3 so the administrator had to switch file systems again for a speed boost. ReiserFS can handle a lot of small files better than EXT3 and is as mature as EXT3, because both came out in 2001, not including betas. High performance Linux servers use OCFS2 file system, because it’s faster than ReiserFS or EXT4. OCFS2 isn’t as forgiving as EXT3, EXT4 or ReiserFS when concerning unintentional power offs, is but the best server file system out there not in beta. OCFS is an option in most Linuxes since 2006. OCFS2 has also less latency than NTFS. (oracle, 2008)(devx, 2004),
The installers Linux have now-a-days makes installing a breeze especially the Yast Control Panel in any Suse distribution. The ideal way would involve a small army of technicians to execute this installing on workstations so the secret administrator password may stay secret. Someone should burn a DVD per PC with the passwords and file system instructions on paper. The company should make the employees to split the cost of a DVD spindle, use the Administrator and his network technicians install Linux off the DVDs at the similar times. Either way would save a few $1000 on otherwise buying Microsoft licenses and legit Windows OEM CDs. Pirating would be a type of security fraud holding the company accountable.
A lot of open source software is highly robust at an early stage of development and mature open source projects are setting new industry standards. In comparison closed source software has typically a defect report that needs to be filed and then a delay before the vendor determines when or whether to issue new bug fix. What makes open source better is users aren’t at the mercy of the vendor. The open source developers are pride and kudo driven so they want to have the most robusts software before adding features. The motivation to fix bugs is much higher if the source code is freely available. Another important reason why open source software can reduce costs is the stability. The closed source software can be outdated and assist an task, because if it works then end users aren’t motivated to spend more money to upgrade when it suits their needs. If a software supplier can establish a monopoly, force upgrades, than profits are high. One of the motivations is to add improved file formats and applications that can decode/encode them. Users will feel isolated with older versions. With huge amounts of server space, open source provides source code to compile an old version that is compatible with the business needs. Security holes are filled much quicker, because a third party can audit the vulnerability or exploit and send the reports and easily submit a report and expect a fix within 3 months. The GNU actually claims that Linux has less virus vulnerabilities in security breaches or hack attacks with a commercial firewall, because it is newer than Windows kernel in terms of years. Open Source identifies software that is being attacked, yet unlike closed source code will see vulnerability assessment scanners. Vulnerability assessment scanners look for vulnerabilities in configured systems on purpose. [gbdirect, 2008] [DWheeler, 2008]
In terms of Apache servers, open source software can reverse engineer a draft specification into the real product very quickly outpacing that of closed source developers and business strategy. Apache was used with IBM open source since 1998 and is more popular than Microsoft IIS on a year to year basis. The idea is when these open source projects source code is downloadable, it keeps companies from monopolizing file formats. Open source believes it is more business flexible than closed source software, because it allows any business to download whatever they need instead of having features from commercial software that is less than what the company needs. The company isn’t restrained by the software this way so that it is a specifically-built IT platform. The only over-dependency in open source is the requirement of upgrade to new versions that are more stable, faster, more backwards compatible with data formats. Important projects never die, and any group of programmers can resurrect a project if need be as it is passed on. A lot of how toos are documented at Linux vendors website, official forums, unofficial Linux forums, and vendor’s wikis so there is no shortage of support. Because the source code is freely available, organizations are not limited to obtaining support from the authors. The developers of Apache, MySQL, and high profile projects speak of the amount of high-reliability these software process that tech support isn’t a high profile priority even though the vendor does that job. (IBM, PDF, 2008)
With Linux on System Z mainframes, there is more efficient server platforms increased utilization rate, almost doubling from 36% to 79% compared to Microsoft IIS. Linux would reduce possible scalable servers resulting in power savings. Cutting edge applications, especially web-centric applications, are usually made for Linux first, because it is a product of the Internet. According to IBM virtualization today is more mature on RISC and mainframe platform than x86 servers. If Linux was employed, it would have less server footprints. Linux has better compatibility with unified user management available on RISC and mainframe systems. (IBM, PDF, 2008)
Linux is more compatible with high performance computing workloads. These replaced enterprise workloads. Linux has a 10% year to year growth now which is about 13.4% of worldwide factory server revenue. (IBM, PDF, 2008)
Mainframes like System Z have Integrated Facility for Linux processors to accelerate performance of Linux that runs on their servers resulting in the total number of Linux instances increased compared to Linux without IFL. If your system is still x86 based, IBM’s chiphopper program can provide economic benefits. Although, a business doesn’t really need chiphopper. The PowerVM Lx86 emulator will run x86 Linux programs without source code modification. (IBM, PDF, 2008)
With Linux running on System Z the annual savings for 100 users could be 60% IT infrastructure improvement, 25% user productivity improvement, and 14% IT staff productivity increase. Significant cost saves were realized in terms of power/cooling and space utilization with System Z mainframes. With Linux, the downtime was 53 minutes a year compared to five hours with Windows Server. IT staff were able to optimize resources, increase IT service levels, reduce staffing in datacenters and the help desk. (IBM, PDF, 2008)
Pretty much with the hardware reorganization like Cell Broadband Engine, the free updates, the LUK/Wine emulation and fast file systems over Windows; our company is better off cost, hardware and software wise. Linux will always get better, and with closed software, you never know when it’ll go in reverse as far as stability and functionality. Most likely closed software will be unstable at the beginning of the gone gold date, while open source software has no such limitation.
References
Kerner, S.M. (2004, September 29). UNIX vs. Linux: A Vendor's Perspective.
Retrieved January 10, 2009, from CIOupdate website:
http://www.cioupdate.com/trends/article.php/3414891/UNIX-vs-Linux-A-Vendors-Perspective.htm
Anonymous. (2008). Crossover Linux. Retrieved January 10, 2009, from Codeweavers website:
http://www.codeweavers.com/products/cxlinux/
Anonymous. (2008). Open Source can help reduce Small Business costs in the US
Economy. Retrieved January 10, 2009, from Netasyinc website:
http://neteasyinc.com/news/2008/open-source-solutions-can-help-small-business
Drake, J. D. (2004, April 26). RedHat ES 3.0 vs. SuSE Server 8.0: Battle for the Enterprise.
Retrieved January 10, 2009, from Devx website:
http://www.devx.com/opensource/Article/20840/0/page/3
Anonymous. (2008). OCFS2 [file system].
Retrieved January 09, 2009, from Oracle website:
http://oss.oracle.com/projects/ocfs2/
Anonymous. (2008). Benefits of Using Open Source Software.
Retrieved January 10, 2009, from Devx website:
http://open-source.gbdirect.co.uk/migration/benefit.html
Bozman, J. S., Perry, R., Gillen, A., & Hatcher, E. (2008, October). Adding Business Value with
Cross - Platform Solutions : Linux Running on IBM Servers. FTP: IBM. Retrieved January 9,
2009, from IBM Web site: ftp://ftp.software.ibm.com/linux/pdfs/
IDC-adding_business-value_with_cross-platform_solutions-Linux_on_IBM_Systems.pdf
Anonymous. (1998, December 17?). Secure Programming for Linux and Unix HOWTO.
Retrieved January 10, 2009, from Dwheeler website:
http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/open-source-security.html
Anonymous. (2008, December 23). Linux Unified Kernel… a new age of operative systems?.
Retrieved January 10, 2009, from Davidtavarez website:
http://www.davidtavarez.com/archives/linux-unified-kernel-a-new-ag-of-operative-systems/
linooxlee (2008, November 04). Subject: Linux Unified Kernel v0.2.2 is released.
Retrieved January 10, 2009, from Linux website:
http://www.linux.com/forums/topic/3348
Anonymous (2009). developerWorks: Cell Broadband Engine Resource Center.
Retrieved January 10, 2009, from IBM website:
www.ibm.com/developerworks/power/cell/
Subscribe to:
Posts (Atom)