Comparing Linux and Microsoft Windows for Enterprise Usage
For far too long, Linux has existed on the periphery of enterprise computing. Whether it is skepticism of open-source technology, a preference for paid instead of community support or the ever-forking tree of distributions, many businesses have shied away from Linux. In recent years, commercial Linux vendors have been hard at work polishing their distributions in the hope of establishing a beachhead in the enterprise. These mature distributions have rendered many past criticisms moot, and coupled with new opportunities in emerging technologies like virtualization, Linux stands poised to re-establish itself as an enterprise-caliber operating system. However, if these vendors are to be successful, they must take on the leviathan in the enterprise: Microsoft.
In this article, I discuss several areas of the enterprise that are prime candidates for Linux adoption or expansion. In each case, I look at the current Microsoft offering in that area and then highlight a legitimate Linux-based contender. In doing so, I do not intend to keep a running score card and come up with an unsurprisingly biased conclusion (this is Linux Journal after all). I merely want to start the conversation in order to demonstrate Linux's inherent business value and strengthen the community at large.
There are a few caveats before I proceed. For the purposes of this article, I have blurred the line between server and desktop platforms to keep the discussion at a strategic level. The topics I examine may touch upon aspects of one or both platforms. I also have limited the distributions used here to those with paid support, as they tend to be targeted at the enterprise market. With the exception of BIND and DHCP, I have avoided any technologies/packages, such as LAMP, Samba, Sendmail or any iconic Linux app I felt already has been beaten into the ground with comparisons. I want to bring something new to the table. Finally, this article does not tackle the thorny issue of application serving or application compatibility. We all know the vast majority of business apps are developed for the Microsoft platform. Wine and/or Mono are not the answers. Developing software to emulate another vendor's code always will leave Linux users behind their Microsoft counterparts. However, the rapid growth of Web-based apps, advancements in virtualization (application and desktop) and the arrival of cloud computing may change this dynamic in the near future as applications become separated from the desktop.
User Account Control (UAC) has been an essential part of Microsoft OSes since Vista. UAC protects the OS by requiring services and programs to operate with the correct permissions via security confirmation prompts. It is meant to limit the number of programs that run with unnecessary administrative privileges, a long-criticized weakness of applications developed for the Microsoft platform. Although UAC has received praise for making strides to eliminate this weakness, many admins have found that prolonged use leads some users simply to click Yes on the elevation prompts rather than evaluate the security risk. This leads to the elevation of non-desired programs, possibly to the detriment of the system. UAC can be complemented with the use of the Security Configuration Wizard that locks down unnecessary ports and services using a form-like survey to determine your minimum necessary configuration.
Security always has been an important component of the Linux pedigree. Utilities like sudo and chroot, which limit the context of certain programs and operations, long have been part of the Linux security toolbox. In the case of Debian-based distributions, root access is prohibited except through the use of sudo. Also, most distros now utilize either AppArmor or SELinux as an additional security layer at the host level. Although SELinux and AppArmor take different tacts to securing a system, each utilizes a least-privilege-based approach to minimizing the threat surface through the use of profiles. Although SELinux (Figure 1) has the distinction of being developed by the National Security Agency and of being extremely secure, it can be difficult to administer. By contrast, many admins believe AppArmor is just as effective and easier to configure. Novell includes a nice GUI tool for AppArmor in SUSE Enterprise Linux that includes a wizard for profiling applications that is a real time-saver (Figure 2).
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Varnish Software's Hitch
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide