For OEMs considering or planning to enter the server appliance market, the choice between Linux or Windows for a server appliance operating system involves critical trade-offs between platform functionality, incremental engineering and development effort, overall cost, and, most importantly, time-to-market. Ultimately, the OEM's goal is to select an operating system and tool set that enable them to get to market quickly, limit development cost, and differentiate their appliance, all on a reliable platform that delivers superior price-performance. In addition, OEMs want an operating system that delivers proven value from a reputable vendor who will support them for the long term.
Server appliances built on Windows 2000 Server operating systems with the Microsoft Server Appliance Kit (SAK) deliver four distinct advantages over Linux: Windows 2000 Server and Advanced Server:
Microsoft Server Appliance Kit:
Windows 2000: A reliable comprehensive and integrated operating system platform delivering seamless interoperability, scalability, and performance, and broad application support.
Windows 2000-based server appliances deliver seamless integration and interoperability with Windows, UNIX, and heterogeneous networks. For example:
Linux does not deliver comparable heterogeneous interoperability. For example:
Linux has PAM (Pluggable Authentication Modules) to support single signon. Linux can authenticate against NIS,NIS+,Kerberos,LDAP,mysql,postgresql or other systems for this capability as well.
This ventures into opinion somewhat, but I have serious issues with this. Saying "Linux does not support our proprietary and closed protocol suite as well as we do" is a very stupid argument to make.
Server appliances built with Windows 2000 integrate seamlessly into Active DirectoryTM network environments. Without any extra administrative tasks, Active Directory creates a two-way, trust relationship between domains, providing single authentication and easier access to information and resources across multiple domains throughout an organization.
Linux does not support trust relationships across domains or forests and thus cannot act as a trusted element in Novell Directory Service and Windows NT Domain-based networks. This makes it difficult to integrate Linux-based server appliances into such heterogeneous network environments.
Utter lies. See NDS notes above.
Server appliances built on Windows 2000 perform better versus Linux on similar equipment in SPECweb tests. A SPECweb99 study found that a Windows 2000 Web server could process more requests and serve more users than a similarly configured computer running Linux. The Windows 2000-based server with Internet Information Server (IIS) 5.0 handled 707 concurrent connections, compared to 545 connections for the Linux-based.
Windows 2000 delivers native support for Active Server Pages (ASP), giving direct access to the IIS transaction engine kernel. Furthermore, server appliances built with Windows 2000 also provide out-of-the-box support for ASP .NET, a rich and very robust framework for creating ASP application code. ASP .NET is a compiled .NET-enabled environment, offering developers the ability to build enterprise-class Web applications in any .NET compatible language including Visual Basic, C#, and JScript.
Linux offers support for ASP but it is non-native and requires an add-on program to Apache or some other Web server deployed on Linux. This means incremental engineering and development effort by the OEM, further impacting cost of development and time-to-market. Linux does not support ASP .NET. PHP is the worlds most deployed Web based ASP. (netcraft).
Server appliances built on Windows 2000 deliver comprehensive application support with an integrated component model for distributed or Web-based applications; multimedia services; and built-in message queuing for asynchronous communications, integrated application integration, and transaction-processing.
Linux has no available framework for developing distributed or Web-based applications and no integrated implementation of COM, DCOM, Enterprise Java Beans (EJB), and no integrated transaction-processing monitor or queuing system. This means the OEM has to source or build this functionality, resulting in extra development, higher cost, and a longer time-to-market. Linux doesn't implement the Windows Technologies COM or DCOM, however Linux does support EJB, and Linux does support several CORBA implementations.
Windows 2000-based server appliances provide advanced reliability features including a mature, well-tested journaling file system (JFS), which enables easy, dependable file system recovery and ensures no loss of data in the event of unscheduled downtime. Windows 2000 also offers support for Plug and Play, hot-swapping and kernel mode write protection. Windows 2000 also provides system file protection and Windows File Protection, which help speed recovery in case of failure, without any user interaction.
Linux now has over five options for a JFS. All of these are new to Linux and the depth of integration and regression testing can be scattered and the number of real-world implementations limited. The OEM will need to verify for itself the integration, depth of testing, and in-field results. With Linux, the OEM will have to take on the extra integration work to incorporate an add-in JFS or opt for a vendor-specific Linux distribution such as Red Hat, tying the OEM to that vendor for ongoing upgrades, support, and maintenance at an extra cost. Furthermore, Linux offers only limited support for Plug and Play, no kernel mode protection, and no functionality equivalent to Windows File Protection-significantly increasing difficulty and time when recovering from a failure. Multiple options for your filesystem lets you choose a filesystem that is suited to your needs. Lots of small files, reiser, long term proven use, ext3, streaming, XFS, etc... Kernel mode protection? I assume they aren't meaning protection of the kernel from userspace which linux has? Linux has had userspace implementations of PlugAndPlay and has kernel mode PlugAndPlay too.
Windows 2000 Server is a completely integrated, extensively tested operating system with built-in support for an array of protocols and drivers, as well as advanced technologies including Internet Information Services (IIS), clustering, Network Load Balancing (NLB), Windows Management Infrastructure (WMI) and the Active Directory (AD) service. In addition, Microsoft uses powerful stress testing and integration testing with teams of dedicated test engineers to ensure system integrity and that solutions work across multiple features.
Linux distributions are a collection of technologies from multiple sources that lack true integration. Some commercial Linux vendors may provide setup scripts that allow certain blocks of code to load in proper sequence but this is not true integration and does not provide a comprehensively tested solution. Furthermore, given financial and resource constraints, commercial Linux vendors often lack the means to employ comprehensive and extensive hardware and driver testing, trusting open source participants to test on their behalf or leaving the OEM to do the test and quality assurance work, thus increasing the OEM's cost and time-to-market.
Windows 2000 provides support for advanced reliability features, including volume management, which lets storage capacity be transparently extended without interrupting existing services, and volume spanning, which enables more efficient use of multiple-disk systems. In addition, Windows 2000 provides extensive, mature support for both software and hardware RAID. Windows 2000 supports thousands of RAID installations worldwide and the Microsoft Hardware Compatibility List for Windows 2000 lists hundreds of tested and certified drivers for RAID storage arrays, controllers, and systems. Some Linux distributions do ship with Logical Volume Management (LVM), but these implementations are new to Linux and require extra tuning by the OEM, thus increasing development costs and time-to-market. Linux does offer software RAID support but hardware RAID support is less comprehensive than Windows 2000. For example, Red Hat's Hardware Compatibility List has only two RAID storage/device controller certified drivers and Mandriva's Hardware Compatibility List notes only six certified RAID storage adapters. Driver signing in Windows 2000 offers OEMs the assurance that all drivers originate from a trusted source that has undertaken extensive testing and certification. Also, Windows 2000 enables OEMs to utilize standard, widely available hardware along with thousands of tested, certified drivers to build a server appliance.
Driver availability and certification can be inconsistent in Linux. Many of the drivers available for Linux have received little if any testing and are offered as non-supported drivers both from the open source participants and from commercial Linux vendors. For example, Red Hat's most current Hardware Compatibility List has less than 100 certified drivers and most of those listed are complete systems, not hardware components or peripherals.
The Microsoft Server Appliance Kit (SAK) provides a comprehensive, powerful toolkit to help an OEM build server appliances quickly and easily. This allows the OEM to focus its resources on adding value, rather than building an operating system from multiple components and add-on pieces. The SAK also provides powerful tools that include:
Linux offers no standard toolkit for the development of server appliances. An OEM must invest in third-party tools at extra cost as well as in-house development resources to get the kind of toolkit functionality delivered by the Microsoft SAK. For example:
The SAK includes an extensible reliability framework that includes watchdog timers, basic input/output system (BIOS) failover, automatic mirroring, and an appliance monitor service for excellent reliability and data protection.
Linux offers no reliability framework to enhance system reliability. An OEM must source this functionality from third parties at an extra cost or develop it in-house, thus increasing development cost and time-to-market. what is a reliability framework?
Native support for Active Directory (AD) enables server appliances built with Windows 2000 to integrate seamlessly into a Windows enterprise network.
Linux-based server appliances can be inserted into Active Directory environments, appearing as Windows NT 4.0 member servers, but, again, only when integrated with Samba 2.2 or higher, thus requiring the OEM to do extra development, integration, and testing work. Linux-based server appliances do not deliver equivalent functionality in an Active Directory environment, as Samba uses the Windows NT 4.0 SAM Application Programming Interface (API) and Remote Procedure Calls (RPCs) to obtain account information from Active Directory. This implementation means server appliances built with Linux/Samba cannot support publishing their share information to Active Directory network. Linux supports LDAP, Active Directory is a broken implementation of LDAP, who isn't compatible with who?
Server appliances built with Windows 2000 offer enterprise-level security with integrated support for Kerberos version 5.0, NTLM v2 authentication and a fast Secure Sockets Layer (SSL) server for data encryption over the Internet.
Linux uses clear text for authentication, does not allow the configurations of individual permissions to the file level and does native support standard encryption technologies such as Kerberos version 5.0. Kerberos is only supported on Linux as an add-on solution and is not integrated into the operating system, thus requiring extra development time and cost for the OEM. In addition, Linux/Samba delivers only NTLM v1 support. Kerberos is integrated into RedHat, Linux can use LDAP over SSL, NIS+ and other encrypted login systems.
Security Vunerabilities Found are not proportional to installed base
The Microsoft licensing model does not contain licensing provisions that require an OEM, and potentially its licensees, to disclose the source code for its intellectual property in a widespread fashion to open source participants. An OEM building a server appliance with Windows 2000 Server operating systems and the SAK has the assurance the software code and added value it develops remain the OEM's intellectual property.
Microsofts licensing model for code is that you may not use it all. Some Linux code is licenced under the GPL which offers you the opertunity to use the source code on the condition that you return that code so others may test it and build on it, other parts of Linux the code is free for anyone to use for any purpose.
To ensure proper management of its intellectual property rights, an OEM must carefully examine an array of licensing complexities around the General Public License (GPL) that govern Linux. These complexities have resulted in embedded and dedicated operating system companies such as Wind River saying that they are seeing "a growing problem due to the growing uncertainty of using GPL-based code in embedded devices". An example of this risk can be taken from NVIDIA. An NVIDIA programmer, in the course of developing a driver for one of its products, used a portion of code from a freely available video driver. The developer failed to realize the code was licensed under the GPL and would therefore require NVIDIA to release the source code for its entire driver. Because NVIDIA did not want to release the source code to its commercial software, the company incurred substantial cost to develop a new driver that did not contain the GPL code.
If the NVIDIA employee had been using source code from Microsoft Windows without correct licensing, the same case would have occurred. Furthermore, if the NVIDIA employee had written the code to start with, it would have cost NVIDIA the same if not MORE than the redevelopment cost incurred through the error
Companies need to recognize that in embedded and dedicated devices, such as server appliances, significant gray areas exist in the implications of the GPL's terms. Some forms of code linking and commingling may or may not trigger legal obligations under the GPL. As Michael Scott and Michael Krieger, a lawyer and computer science professor respectively, recently wrote, "Rare is the month when a lawyer who specializes in technology does not have a new client asking for help in untangling an open source code problem".