We promised to dedicate a column in this series for talking strictly about servers, and the time has come.
We all know that Linux is available free of cost, so we’re going to skip that argument and consider things from a functional perspective. We’d like to discuss a few of the basic things people really need to do with servers, and try to figure out which operating system is best suited for these roles.
The management decision to run Unix or Windows will certainly be biased toward the operating system your administrators are most familiar with. Next comes careful consideration of the role of the specific server. Will a Web server running on Windows provide the same features as a Web server running on Linux? Can you really serve files to Windows clients with a Unix-based Samba server? How easy is it to update software on your chosen server? Let’s find out.
Web servers are very important, yet people tend to underestimate the security and performance issues associated with them. The number one vector of attack is through vulnerable Web servers. The popular Apache web server is constantly releasing security updates, but does this mean it’s insecure? Well, no. Despite what some competitors want you to think, this means just the opposite. It does take a fair amount of time to maintain open source software, though. Compare that to the cost of running Microsoft’s IIS server, and the cost-benefit tradeoff quickly becomes clear. With IIS you get updates periodically, an insecure default setup, and many reasons to increase your antacid intake.
There are always situations where people are locked into one vendor’s product. If you’re in that boat, this article probably isn’t going to be interesting. If you do have a choice, consider this: If your Web server gets hacked on a Unix-based platform, then the user it runs as is compromised. If you’re relatively up to date on patches, the malicious person who compromised your Web server won’t get full root access. When IIS gets whacked, it means the entire operating system is compromised, along with all your user accounts.
File and print services are also vitally important. Windows can serve Linux clients, and Linux can serve Windows clients. This is no mystery. It is mysterious when you actually try doing it though. Generally, IT shops that serve Windows clients and Unix clients tend to run both Active Directory services and a Unix file server. There are a few features in both directions that stop interoperability, making full-time servicing of non-alike clients a nightmare to manage. For instance, using Samba to serve Windows XP clients means that you lose all ability to manage “special” file permissions from the Windows side. Depending on the operating system Samba runs on, you may not even be able to change permissions at all. Printers are the same, but not quite as cut and dried. It is practical to serve printers from Linux, but it takes a bit of effort to manage, mainly because manufacturers only release drivers for Windows.
Mail services require yet another vital-to-survival server that needs to be robust. Running Microsoft’s Exchange server allows Outlook users to store all their e-mail, address book, and settings on the server. That’s about the only advantage it provides, excluding the point and click installation and configuration capabilities. Outlook users can be just as happy connecting to Sendmail or Postfix and an IMAP server running on Unix. They tend to be much faster, much more secure and more likely to interoperate properly with other RFC-compliant mail servers. But don’t forget to consider that virus and spam filtering programs can be extremely resource intensive.
The time for arguing about stability has passed. There are properly administered servers of all flavors that have been happily ticking away for years now. The time to worry about performance, however, is nigh. Windows, Unix and Linux are all modern time-sharing and multitasking operating systems. They do not all manage resources and separation of privileges in the same way, or else we wouldn’t need to determine which is better. Without getting into too many details, it’s fairly safe to say that certain hardware and software platforms have certain benefits. For example, Sun SPARC machines have very efficient context switches (going from kernel to user mode—this happens thousands of times a second, especially when reading data from hard drives and the network). Windows was typically deficient in the performance area, but some surprising test results have been showing up with Server 2003. You can read multiple reports and find multiple conflicting opinions about performance.
If you’ve determined that your services can be served with a different operating system and are considering a switch, there are a few things to consider first. Most importantly, are your administrators competent with the new operating system? Running Linux at home doesn’t make anyone qualified to run it in a production environment. It takes the in-depth knowledge gained from experiences of things breaking to make a truly effective Unix/Linux admin.
Next, how easy is it to update the various pieces of software and the operating system itself? Windows makes updating servers very easy. Some Linux distributions make software update easy; some do not. Updates sometimes break things, even with commercial Unix systems. There are so many variables; it’s impossible to say which is easier, so a few examples are in order. Sun Solaris provides patch management tools, but they will overwrite anything custom you have done. Most Sun administrators manually apply every security patch that comes out. Many Linux distributions have gotten it right. The updaters leave configuration files alone, and generally make allowances for library conflicts. We could talk about software management all by itself, but in the most general sense all operating systems have their own ways, and each needs to be learned in some depth to get the best results.
A few reports that compare the cost of Windows with Linux state that even with the administration overhead and learning curve, Linux is still more cost-effective than paying for Windows. There are, of course, conflicting reports too. For beginners, Windows makes it possible. Should beginners really run your servers though? The power of Unix may never be realized if the administrator doesn’t already understand it. That’s just how things are. That’s also why good administrators can thoroughly test a service before it goes live. If you aren’t locked into proprietary software, the cost and performance benefits of Unix-based operating systems may well make it worthwhile to consider migrating some core services (like e-mail and Web servers).