This is a very interesting essay, but I for one would appreciate
being informed not only about the technical issues but also the
economic issues.
In other words, I, for one, would appreciate your getting started
about the relative costs of NT vs. UNIX.
Thanks.
Duncan C. Kinder
dckinder @
ovnet .
com
> On Fri, 11 Oct 1996, Hubert Felber wrote:
>
> > Can you explain why you doubt on the NT operating system? I always thought
> > that NT is secure, robust and easier to manage then UNIX.
>
> Hmmm... Maybe I can answer this one.
>
> "Doubt" is somewhat of a misleading characterization. As an admin-
> istrator, I am inherently skeptical of computer products; I have been
> burned too many times in the past by programs or operating systems which
> make exuberant claims and then do not live up to them.
>
> Therefore, when evaluating options to solve problems in any area,
> including firewalls, I look at my personal experience and the experiences
> of other professionals whose opinions I trust, as I find this to be a
> better gauge than commercial vendors' claims.
>
> Therefore, I "doubt" all products until they have proven their utility to
> myself and others. This is their default state, if you will.
>
> The reason I trust Unix is that it has a proven history behind it. It
> has a demonstrated capability to do networking well; in fact, it is the
> best OS out there when it comes to networking, if from nothing else than
> a performance point of view. I have all the tools I need under Unix to
> get exactly what I want out of my firewalls, and as a fairly experienced
> administrator, I have the knowlkedge to build such firewalls using Linux
> or FreeBSD, Socks, TIS, and a whoe range of public technologies. This
> approach gives me the following benefits:
>
> - known security. There may be security problems with my setup
> (indeed, there are security problems with any setup), but I have
> source, and anything broken I can fix.
>
> - flexibility. I can go with socks, I can go with TIS, I can go
> with IP Masquerade, I can go with packet filtering. I can do
> logging any way I wish, I can access the machine via Kerberos
> or SSH. I could go on for a lot longer.
>
> - cost. I can do this on a pentium with $0 software costs. This
> is important to me, as I try to save my company money whenever
> I can. I am confident that for $7,000 in hardware, I deliver
> the same quality of security that a $50,000 solution from a
> commercial vendor would provide, with the added benefits I have
> listed here.
>
> - performance. I can monitor the system, identify any
> performance problems, and find or build enhanced tools to speed
> it up. With source comes power.
>
>
> These are some of the arguments for a Unix-based solution.
>
> NT lags on many of these fronts. Source to the OS? Yeah, right. I have
> looked at the internals of Linux's kernel-level ip-filtering, and I think
> it's pretty good. Did Microsoft do a good job with that under NT? Who
> knows.
>
> Performance? Microsoft can't even get multicast working right under any
> of their os'es (just ask Van Jacobsen), and the DNS server they ship is
> non-RFC-1035-compliant. Given a Pentium w/ 32MB RAM, does it perform
> equivalently with Linux and NT? God no; you pretty much have to have an
> Alpha to get good performance out of NT, and if I were going to throw an
> Alpha at the problem, I'd run Linux on it, too.
>
> Known security? You have to trust Microsoft that they did it right. If
> someone can adjust two settings in the registry and defeat their
> licensing, then how good is their security? No one knows. Oh yeah, Todd
> Needham of Microsoft saying that telnet, etc., are a "really primitive
> way to run your machine" doesn't help my estimation much either.
>
> Flexibility? I can shell or perl my way out of most problems under
> Unix. NT? Forget it.
>
> Cost? Don't get me started.
>
> I guess the real question is not :
>
> > Can you explain why you doubt on the NT operating system? I always thought
> > that NT is secure, robust and easier to manage then UNIX.
>
> I have explained why I have faith in a Unix solution. The real question is:
>
> Can you explain why you think that NT is secure, robust, and easier to
> manage then UNIX?
>
> I'd be interested in reading an answer.
>
> __
> Todd Graham Lewis Linux! Core Engineering
> Mindspring Enterprises tlewis @
mindspring .
com (800) 719 4664, x2804
>
>
Follow-Ups:
|
|
