Key questions:
Will the OS run the applications you run today? How many new applications are being developed for it now? How much will you pay for the applications you want to run?
Applications availability isn't a numbers game. For all you know, those 11,000 applications that a particular OS supports are all games.
Make sure that the applications you need are available. Also make sure that the applications and their support contracts won't be more expensive than the server was -- a legacy of the days of the mainframe.
Also look for the OS to support applications interaction in a standard way. For example, NT lets applications pass information among each other using OLE.
Platform Support
Key questions:
Does it support your existing clients? How does it support mobile users? Do clients require any special software to access the server?
Interoperability exists on several levels. At the lowest level, systems may define and use divergent network protocols. NetWare networks use IPX, while most Unix networks and the Internet use TCP/IP. By default, NT uses NetBEUI. All these OSes can support other protocols, but they usually work best running their core protocol.
At a higher level, even if a client supports a server's low-level protocol, it still may n
ot be able to connect. A classic example is that you can run AppleTalk on a NetWare 4.11 server, but a Mac that tries to log on without first loading the NetWare client for Macintosh will receive an error telling it that the server doesn't have a recognizable log-on sequence. NT's AppleTalk implementation, on the other hand, appears as a standard Mac server.
Look for integration with particular types of directory services. The idea is for users to be able to log on once and to be able to access any applications residing on your applications servers. For example, Unix systems tend to rely on the Domain Naming System (DNS) and the Network Information Service (NIS). NetWare 4.11 uses the NetWare Directory Service (NDS). NT 4.0 also uses a domain system. None of these work well with each other, but some, such as NDS, can accept many OSes into their structure.
The Web may make some of these points moot by standardizing on communications protocols such as HTTP and TCP/IP. For now, however, the best solution
for cross-platform integration is either for a server OS to support all the protocols you run in your organization or for you to standardize on a protocol (probably TCP/IP). NT seems to be adept at running multiple protocols, including TCP/IP, NetBEUI, IPX/SPX, and AppleTalk (not to mention a few others), but you can usually find extensions to any OS to bring this level of functionality to your server.
Performance
Key questions:
How many users can you support with a single system? Does the OS support symmetric multiprocessing (SMP)? Does it let you balance loads across multiple systems?
You can read all the benchmark results you want, but how an OS performs for you will depend on how you use it. Performance is applications-dependent. Some benchmarks, such as the Transaction Processing Council's TPC-C, indicate system performance in a database environment. Others, such as the BYTEmark, show the performance of specific system components.
So
me aspects of OS design indicate what kind of performance characteristics you can expect. Multithreading, for example, can reduce the number of context switches your applications have to do, thereby boosting performance. Preemptive multitasking will let applications cut each other off, delivering more egalitarian performance. NT, OS/2, OS/400, and SunSoft Solaris are both. NetWare is neither.
Next, look at scalability, specifically SMP. All the major OSes -- Unix, NT, NetWare SMP, OS/2, and OS/400 -- support SMP. The question is: How many CPUs can the OS handle? For example, NT's end-user license limits it to four. OS/2 can address up to 64, as can some Unix implementations. Remember, though, that you often need to tune software to run on SMP systems.
Management
Key questions:
Can you control multiple servers from a single point? Can you gain remote-administration access to a server? Does the server integrate with your existing administration
system?
Systems management means different things to different people. For many, backup is a key part of systems management. All server OSes have some kind of backup utility built in. Unfortunately, they're not always the most sophisticated packages, and they all have different interfaces. If your goal is to back up your disparate servers from a central console and you've already selected software such as Arcada's Backup Exec, make sure it supports the new OSes.
As you plan for your network's growth, be sure that the OSes you choose fit in with your management scheme. If the network will never be large, you may be able to rely on Unix's command-line interface. If, however, you're responsible for a server farm with several dozen boxes, you need some way to get an at-a-glance summary of the farm's status.
Software such as Intel's LANdesk Manager and Symantec's Norton Administrator for Networks can give you a sense of what's going on with your servers. However, they don't have great support for OSes
such as Unix and OS/400. Alternately, standard SNMP consoles such as Hewlett-Packard's OpenView can give you information about the flow of information around your network, but they often can't get you component-level information about particular systems.
The basic rule with management is to make sure that whatever OS you choose fits in with your existing management strategy, or that you're willing to modify your strategy to accommodate the new OS.
Applications Development
Key questions:
Are the development tools you use available for this platform? Does the OS vendor extend support to users or only to independent software vendors (ISVs)? Are the APIs open and well documented?
Off-the-shelf productivity is an enticing concept, but it's one that translates poorly into reality. Except at the simplest level of operation, every network will require some customization. An OS must have standard OS services and industry-standard interfaces to supp
ort development. Virtual protected memory, multitasking, preemptive scheduling, and advanced features (e.g., threads and asynchronous I/O) are essential to many high-end development efforts.
To make productive use of an OS's customizability, you'll need a robust suite of development tools, documentation, and -- most important -- support from the OS vendor for in-house development. At the very least, developers should expect compilers, debuggers, project management utilities, and visual-programming tools. If you choose a server OS whose vendor caters only to large ISVs, you're unlikely to find a large pool of experienced developers.
Support from third-party vendors is important as well. Tools, programming environments, and complete applications are often available across multiple NOS platforms. By working with familiar tools, developers can leverage their knowledge at all levels throughout the enterprise.
Reliability
Key questions:
Does it
support RAID or clustering? Is the file system journaled? Can you hot-swap components?
Protected-memory architectures and OS-provided device drivers are hallmarks of reliable OSes like NT, OS/2, OS/400, and Unix. NetWare, on the other hand, runs its applications in a shared memory space, and applications could run in protected mode -- ring 0 of the CPU -- where they could interfere with the machinations of the OS.
More of the fault tolerance takes place at the hardware level. RAID, whether it's implemented in software or hardware, is common. The advantage of a software implementation such as NT is mainly price. Much of the other fault tolerance -- including redundant power supplies, network cards, and cooling fans -- depends on the server you buy.
OS/400 and Solaris also have advanced clustering solutions. IBM is working on porting the OS/400 clustering (code-named Phoenix) to OS/2. Microsoft is working on a set of APIs (called Wolfpack) for clustering two NT machines. Digital already has a system
to enable NT clusters. By default, clustering is an option to each of these OSes -- but often an expensive one, costing thousands of dollars per CPU.
Security
Key questions:
Can the administrator enforce password restrictions? Does the OS support access-control lists? On-the-fly encryption? How about Orange Book C2-level security?
Security is a tough subject. There are many buzzwords but little uniform interpretation of them. The short of it is that any OS can be compromised if it's not installed and maintained using a strict security policy. You have to enforce alphanumeric passwords, change passwords frequently, and even consider encrypting vital information.
All that said, an OS can make it easier to enforce security. File and directory permissions are a place to start. Each OS implements them a little differently, from the incredibly cryptic (Unix) to the fairly straightforward (NetWare). Again, it's up to a person to make sure they'r
e set up and enforced correctly.
Auditing can let you see who did what when. The logs it generates can become large, but the information can be invaluable when you're trying to trace the last modification of a file. NT comes with a good auditing system that's notably easy to use.
Unix has come under attack for its security. Designed originally to be open, Unix has found itself the object of many attackers' desires. If you choose Unix as your applications-server OS, you should immediately look to your vendor for the latest security patches. You also need to implement a non-sendmail-based mailing system, TCP wrappers, the Washington University FTP daemon, and a regular run of the SATAN security package.
There's much bluster about C2-level security, but that's what most of it is -- bluster. There are a couple of reasons for this. First, a C2 rating applies only to the exact version of an OS tested -- NT 3.51, for example, has one, but not version 4.0. Also, a Red Book C2 rating (which means the OS is
network-secure) means not only exactly the same OS version, but the same hardware.
Sorting It Out
When you put any OS through all these questions, you'll get a good idea of how well it's going to behave as an applications server. NT, Solaris, OS/2, NetWare, and OS/400 are all strong applications-server OSes. And that's as far as these questions can take you. Once you've made a preliminary decision, you have to bring the OSes in-house and try developing an application on your final choices. Yes, it will take time, and it will probably be expensive. But is it really more expensive than making the wrong decision?
SunSoft Solaris
Solaris runs on x86 systems and the Sun line of RISC-based SPARC platforms. Among Unix vendors, only Sun offers a product for multiple platforms. This puts Sun in a unique position as the Unix vendor that can match Microsoft's multiplatform strategy.
Applications:
There are 10,000 native
Solaris applications
available from ISVs covering a range from accounting to Z-mail. Desktop productivity tools such as presentation software tend to be a bit limited, but Sun's Windows Application Binary Interface (Wabi) technology lets many Windows productivity applications run on SPARC/UltraSPARC.
Platform Support:
Sun's flagship line of SPARC/UltraSPARC CPUs is where you're most likely to find Solaris running, but you can bring it up on any x86 (486 or higher) CPU. Solaris's connectivity resources are formidable, ranging from the enterprise-capable NIS+ directory service, LDAP, and a host of IP networking services (e.g., FTP, DHCP, HTTP, and NFS). If your goal is to connect PCs and Macs to a Solaris server, you're either going to have to install a good TCP/IP client package on each client or install third-party extensions to Solaris. Connectivity to mainframes is another third-party extension.
Performance:
Solaris running on SPARC is a high-performan
ce hardware/software combination available on everything from laptops to servers with up to 64 processors. The Solaris kernel is incredibly tunable, letting you create a server that is particularly good at a specific task. In fact, you pretty much must tune the kernel to get the best performance from Solaris on applications such as Web serving. Performance on x86 systems generally lags behind the SPARC systems.
Management:
Whether you're sitting at the graphics-enabled console of your server or at a VT100 that's more than 3000 miles away, you can administer a Solaris system. The Solaris product comes with its own graphical tools for the administration of nearly all its services. Many of these graphical tools are making their way to Hypertext Markup Language (HTML), so you'll soon be able to administer Solaris from any Web browser. However, that doesn't mean that Unix's command-line administration tools have gone away.
Development:
SunSoft WorkShop provides visual tool
s, drivers, and libraries for applications development. Sun emphasizes Java development. Source code compatibility enables Intel-SPARC cross-platform development.
Reliability:
Solaris's protected-memory architecture makes it a fairly difficult OS to crash completely, and the journaled file system means that crash recovery is smooth. With add-ons, Solaris will support RAID 0, 1, and 5, and two-way clustering. Third-party solutions provide data replication and hardware failure detection.
Security:
C2 compliance is at the top of Solaris's security laurels. In addition, the administrator can set disk-storage limits, expire and lock accounts, force password changes, and lock user log-on times. Unix as a whole, however, has some serious security holes, such as the sendmail daemon. Patches exist to many of the known holes, but it's up to the administrator to apply them.
Microsoft Windows NT Server
Regardless of the current makeup
of your network infrastructure or your inclination, it's nearly certain that
NT Server
will be a part of your future plans -- it does too many things too well for you to ignore it. Expect it to make inroads as a replacement for NetWare and as a low-end and midrange applications server.
Applications:
A large number of Windows applications are available, with an increasing number that leverage the 32-bit or multiprocessing nature of NT. High-end business-critical applications (e.g., CICS) are somewhat underrepresented, but Microsoft's BackOffice suite provides good integration of many server applications, including systems management and a database.
Platform Support:
NT is available for x86 (486 or higher), Digital Alpha, and PowerPC processors. (R4x00 support has been discontinued.) It includes support for most common clients except Unix, which requires a third-party add-on. It uses trusted domains for its directory services, which provide only l
imited scalability and are incompatible with such standards as X.500 and LDAP.
Performance:
You can get NT running on some of the fastest processors around, but there are some caveats to NT's multiprocessing. For example, NT can support up to 32 processors, but you'll find the license for the shrink-wrapped version of NT is limited to four. Beyond that, porting is vendor-dependent.
Management:
The collection of Windows-based management tools is also easy to use, but they lack some of the integration you'll find in a product such as NetWare 4.11. For example, Disk Administrator and User Administrator are separate tools. Also, you manage Macintosh file services not through the Disk Administrator or Windows NT Explorer, but through File Manager. Remote system management support needs improvement, but it can be accomplished with tools such as Symantec's Norton PCAnywhere32.
Development:
Consistency is the catchphrase when developing for NT. You can de
velop applications in a single environment that's produced and controlled by a single vendor. NT's momentum translates directly into an abundance of development tools, languages, and development systems all geared to producing Windows applications.
Reliability:
NT's fault tolerance runs from integrated RAID 0, 1, and 5 to automatic restart after a crash. Clustering is available from companies such as Digital and Tandem. Microsoft is working on a clustering API (called Wolfpack), but initially it will support only clusters of two systems.
Security:
NT implements most of the common security features, including password restrictions, account expiration, and audit logs. NT 3.51 has C2 certification for stand-alone systems, but not for networked systems, and NT 4.0 has no C2 certification.
Novell NetWare
Novell is the first to admit that
NetWare might
look somewhat threadbare as a client/server application
s-server platform compared to other offerings. Its capacity to provide comprehensive transaction processing is thin. Until the addition of support for SMP for multithreaded applications last year, it offered limited scalability. IntranetWare, a new offering from Novell, is essentially an upgraded version of NetWare 4.11. It adds a Java virtual machine, a TCP/IP-IPX gateway, and an integrated multiprotocol router for WAN and Internet connections.
Applications:
About 6000 applications are available for NetWare, including popular network-centric and workgroup productivity applications. That said, the nature of the NetWare loadable module (NLM) architecture means third-party applications tend to be complete solutions, offering integration within themselves, but integration with each other and the OS is poor.
Platform Support:
NetWare runs only on x86-based (386 or higher) systems. Client connectivity is good, with built-in support for DOS, Windows 3.1, Windows 95, NT, Mac
OS, and OS/2. You will have to configure the server to support long filenames, however, and you'll have to train Mac users how to log on to the NetWare NDS tree.
Performance:
Single-server performance is limited by the fastest x86 processor you can buy, because NetWare SMP does not automatically make its SMP capabilities available to all applications.
Management:
The NetWare administrator runs under Windows 3.1, NT, Windows 95, and OS/2. It makes user, group, and directory tree management as well as volume administration simple. To shut down the server, however, you need to be at the console or using the DOS-based remote-console utility included with the OS.
Development:
NetWare is not a great development platform. In particular, the lack of an open-interface model and shortage of development tools and documentation have hampered development, although companies such as Oracle and Lotus have designed their products as NLMs. The NetBasic scripting
language enables building server-based logic. Novell's IntranetWare initiative emphasizes Java as the development environment and may provide some improvements.
Reliability:
NetWare file servers have a well-earned reputation as being highly reliable. Server mirroring systems such as Novell's System Fault Tolerance (SFT) and Novell's new IntranetWare servers can self-diagnose and report hardware and software problems, and then engage automatic recovery. However, NetWare relies on running applications in ring 0 for performance, enabling applications (NLMs) access to each other's memory spaces. In theory, anyway, a rampant NLM could crash an entire server.
Security:
As a file server, NetWare's security is good, with features such as log-on time restrictions, account locking, and the ability to restrict log-on by workstation protocol. But as you layer applications on top of NetWare, you are at the mercy of the developer's security implementation. It is possible, for examp
le, that a backup NLM could give any user access to tapes in your tape drive. Novell is working on a network-level C2 certification for IntranetWare.
IBM OS/2 Warp Server
The marriage of
OS/2's 32-bit
, multitasking, multithreaded core to IBM's LAN Server 4.0 server OS produced Warp Server. The resulting product provides solid applications-server capabilities, along with file and print services, as well as good management tools, remote connectivity, and backup and recovery services.
Applications:
Although OS/2 Warp Server lacks broad-based applications support, major products and applications categories are represented, especially business applications such as accounting and even CICS. There is, however, no cohesive, consistently implemented integration strategy: Users must integrate third-party solutions.
Platform Support:
OS/2 runs on any x86 (486 or higher) processor, making it, like NetWare, limite
d to one architecture. That said, IBM has placed considerable emphasis on integration with other platforms. You'll find clients for DOS; Windows 3.x, NT, and 95; OS/2; AIX; and Mac OS.
Performance:
As with NetWare, the performance of OS/2 is limited to the fastest x86 processor you can buy. However, Warp Server 4.0 includes SMP that will work with a system with up to 64 CPUs. The SMP feature can provide a boost to existing 16-bit DOS, Windows, and OS/2 applications that aren't SMP-aware. By letting these virtual-mode applications run across multiple processors, rather than on a single processor, the reduction in task-switching overhead should produce an increase in performance.
Management:
OS/2, like NT, supports hardware discovery and supplements that with alerts when hardware is failing. Like NT, however, you need to use multiple applications to perform system administration. The user interface supports drag-and-drop object-based administration, including network-ba
sed software distribution and support for SNMP and DMI management systems.
Development:
IBM provides a selection of visual-programming environments, Software Development Kits (SDKs), and other development tools, including its excellent Visual Age products. That said, the OS includes only token third-party support for native OS/2 environments.
Reliability:
RAID 0 and 1 (but not 5) are built in to OS/2, as are backup services and utilities for bad drive sector remapping. OS/2 borrows the clustering architecture of IBM's high-end systems and provides detection of both node and applications failures. In this type of system, if a server or application running on a server fails, that server's work load immediately goes over to an operational server. The system manager can insert the failed server into the cluster after its recovery.
Security:
OS/2's security includes setting disk-storage limits for individual users, expiring accounts, and forcing passw
ord changes.
IBM OS/400
There's no doubt that IBM's AS/400 philosophy represents a highly integrated, powerful, and scalable approach to applications serving across the spectrum from department to enterprise level. However, for LAN managers coming from the workgroup arena, the IBM-only upgrade model of the AS/400 represents a drastic step.
Applications:
OS/400 has
over 25,000 applications available, including the DB2 relational database, decision-support systems, fax systems, and wireless LAN. It comes with the ability to serve its applications up to Web browsers.
Platform Support:
OS/400 runs only on the proprietary AS/400 hardware, which ranges from $10,000 departmental servers up to enterprise systems. It can run NetWare on an optional plug-in server board, and a similar NT Server solution is being developed. To support PC connectivity, the AS/400 provides middleware for Windows, DOS, OS/2, Unix, a
nd Mac clients. OS/400 supports IPX/SPX, TCP/IP, NetBIOS, and AppleTalk, as well as high-level APIs such as Open Database Connectivity (ODBC), DAL, and MAPI. Its Internet Connection for AS/400 supports HTML drivers, letting a business serve any AS/400 application over the Internet. Internet users can download files or software as well as access the AS/400 database.
Performance:
The AS/400's architecture may be proprietary, but it is not limited. The AS/400 Advanced Portable P03/10S is an $8000 portable server. At the other end of the scale is the AS/400 Advanced 9406-53S 2156 -- a 101-MFLOPS, $100,000 system. The same OS and applications run on the entire AS/400.
Management:
OS/400 has centralized management tools for its integrated systems. OS/400 version 3 release 7 includes support for management from NT, Unix, and Macintosh clients. You can manage some functions from Windows clients with a drag-and-drop interface. OS/400, like Unix, has a control language that mak
es it easy for OS/400 to support batch processing.
Development:
Tools such as IBM VisualGen for OS/400 are high-level development tools. C++, Smalltalk, and other compilers are also available.
Reliability:
OS/400's fault tolerance is primarily the result of third-party mirroring and replication products. IBM's OptiConnect, an expensive 220-Mbps fiber-optic link, lets you cluster up to 32 processors.
Security:
OS/400 provides the standard gamut of security features, including password aging, limits to the number of concurrent users, and forced periodic password changes. It also has access-control lists and auditing features.
illustration_link (10 Kbytes)
At each level of the OS, Solaris isolates applications from each other.
illustration_link (11 Kbytes)
NT 4.0 isolates all but some graphics applications from the hardware.
illustration_link (11 Kbytes)
NetWare development lacks an open-interface model.
illustration_link (7 Kbytes)
Virtual device drivers offer a direct interface for applications and hardware.
illustration_link (11 Kbytes)
OS/400 is one of the first IBM OSes with an integrated Java virtual machine.
Robert L. Hummel is an electrical engineer, programmer, and consultant. You can reach him at
rhummel@monad.net
.
Which OS?
