Date:      Thu, 11 Oct 2001 21:55:57 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Kastaki" <kastaki@ganbert.com>, <dmp@pantherdragon.org>
Cc:        <freebsd-newbies@FreeBSD.ORG>
Subject:   RE: UNIX and Networking
Message-ID:  <000201c152da$2df40700$1401a8c0@tedm.placo.com>
In-Reply-To: <012401c152b6$72bb7d60$6760ff3e@computer>

>-----Original Message-----
>From: owner-freebsd-newbies@FreeBSD.ORG
>[mailto:owner-freebsd-newbies@FreeBSD.ORG]On Behalf Of Kastaki
>Sent: Thursday, October 11, 2001 5:40 PM
>To: dmp@pantherdragon.org
>Cc: freebsd-newbies@FreeBSD.ORG
>Subject: UNIX and Networking
>
>
>> On a server, the more workload you can take off the CPU the better,
>> that way it has more time to handle the management tasks and heavy
>> lifting.  This kills software modems for any server.  Second, because
>> FreeBSD is even less of a desktop OS than Linux, people who do use
>> FreeBSD as their desktop are definitely hardcore sub-species of geek.
>> Thus the users and, more importantly, those who can write the drivers,
>> already know better than to go anywhere near a software modem.
>
>
>I know this might sound really stupid, but how do you use UNIX in a
>networking environment???
>I mean, take Win2K, you can install a DOMAIN CONTROLLER and you have all
>your users log in to a domain, and it makes life much easier as an
>administrator, you can set security policies, you can virtually control
>their life from 9 till 5......as long as they LOG INTO THE DC....but if they
>log in as local users (if they are allowed), then they will have no access
>to the network....
>
>Yes, I agree UNIX is more stable, it can run Web Servers or Mail servers
>more efficiently, it can run File and Print Servers and most of the time it
>can run Application Servers, such as Oracle on Sun Servers - but my question
>is, how do you administer the network as far as your users are concerned?
>If your users are using Win2K Professional desktops and you are running UNIX
>servers, then they obviously log into their desktops as local users, and if
>they want to use that Oracle DB, they can double click an icon on their
>desktop and that starts a shell at the UNIX server, but how can you control
>their desktops from your UNIX Box - or do you have to have a DC somewhere in
>your networking environment? Bearing in mind that 80% of security breaches
>are internal!!
>

What you have to understand is that UNIX is a totally different paradigm from
NT/W2K.

Windows grew up in a graphical environment from a single-user point of view.
This was good if you had limited system resources because removing internal
security and multiuser support takes a huge chunk of code away.  Also, from a
business perspective, Microsoft makes money on every copy of Windows sold, so
it's in their interest to have a whole network of windows desktops.

UNIX came from a different perspective - true UNIX networks originated as
networks of ASCII terminals and a central multiuser UNIX server.  Later on
when graphical programs became more important, these networks became networks
of X-Terminals.  In that kind of network, all applications are on the central
UNIX server and the remote terminals are simply terminals and don't execute
programs themselves.

Today, both types of networks are starting to take on characteristics of each
other.  Microsoft has found that the Domain Controller model is simply not
scalable in large networks.  It's fine if you have 100 or fewer desktops all
on a flat network (like with a big 10/100 switch) but beyond that the support
and licensing costs of duplicating applications across every single desktop
are astronomical.  You have workstations breaking down and needing to be
reformatted every day in the larger networks.  So, Microsoft is actually now
moving more and more toward the traditional UNIX model of using Windows
terminal services where the central NT/W2K fileserver becomes a terminal
server and all applications run on it there, while the remotes all become
dumb workstations with no apps loaded on them, running Terminal Server
client.  You should read the Microsoft literature sometime.  In a TS model
the Domain Controller becomes unnecessary.

By contrast UNIX is moving somewhat away from that model to a model where
every UNIX workstation in the network is a full-blown UNIX system.

Now, if you're wondering how to exercise control to the Microsoft Domain
Controller level in UNIX the answer's easy - you design the network like
that.  Simply set up a central, massive UNIX server and make every PC in the
place running a copy of UNIX that runs an X-server, and when users login to
those systems they get a desktop with icons that run X-programs on the
central UNIX system.  This is a beautiful solution from a corporate network
point of view because all user configuration is on the central server and if
a workstation dies then its user isn't offline for 3 days while all their
apps and settings are reinstalled and re-setup.  Instead the dead
workstation/X-terminal is replaced by another X-terminal.  Licensing is also
easy because since your apps are on the central server you don't have to
purchase hundreds of copies of - say - Microsoft Word, you just purchase ONE
copy of a wordprocessor and everyone runs it from the central server.

What everyone is starting to agree on, however, is in a typical corporate
network of office drones all running the typical
Word/Excel/PowerPoint/Email application on a Windows PC, that we simply
cannot use that as a model long term, the support costs are horrendous.
Instead the user-definable settings absolutely must be taken away from the
workstations and centralized.  Microsoft has realized this and has Terminal
Services as an answer, and whether you believe it or not TS is becoming more
and more used in the corporate network every day.  UNIX has always had this
model as an option.

>I guess what I am trying to ask is can Unix live without Microsoft or Novell
>as far as authentication is concerned?
>

It's far more than about authentication.  In a large corporation you simply
cannot permit people to do things like saving files to the local hard disk,
saving e-mail to the local hard disk, it is just setting yourself up to be
slammed in the face when the users' computers die.  You have to move as much
of it as possible to the central servers.  This is also why so many large
companies are really trying to sit on the idea of purchasing a ton of
laptops.  In the most advanced companies, they are funding broadband VPN
connections from desktops at people's homes to the corporate network, and for
the roaming salespeople they are pushing Palm Pilots and WinCE systems on
them, and trying to get rid of the laptops.  There's still a lot of holdouts
of course, but most sales dogs I know once they switch over to the
lightweight Pilot they hate lugging the fat laptop around.  Another extremely
important point is in a sales meeting it's socially acceptable to slap out a
Pilot or a CE system and make a notation, you don't see people hauling out
their laptops in front of customers and flipping up the screen and making
notes.  More and more I'm just seeing the sales groupies when they go calling
on a customer they lug along a token laptop that runs the dog-and-pony show
and that's the only one they take.  (and half the time the D&P show either
doesn't work or is inapplicable to what the customer wants to talk about and
it's a waste of time to mess with anyway)


Ted Mittelstaedt                                       tedm@toybox.placo.com
Author of:                           The FreeBSD Corporate Networker's Guide
Book website:                          http://www.freebsd-corp-net-guide.com


