A biased and shallow look at evaluating Linux vs Winblows 2000 from Tech Republic

Bruce F Lucca lucca at Buffalo.com
Wed Apr 18 05:10:33 EDT 2001

Are you interested in Linux solutions but dismayed by the amount of hype
and exaggeration that currently swirls around the penguin operating system? 

Jason Hiner takes a look at the advantages and disadvantages of Linux and
dispels what he calls the "Linux security myth."

Tech Republic

Evaluating Linux: Reality vs. hype

Apr 18, 2001
Jason Hiner, MCSE, CCNA
(C) 2001 TechRepublic, Inc.

Judging from my recent columns "Save big by replacing NT file servers with
Linux Samba" 
"Don't look now, but Linux 2.4 is enterprise-ready," 
you can easily tell that I'm a fan of Linux. 

However, I certainly don't want to oversell Linux to TechRepublic members.
Linux continues to suffer from too much hype and exaggeration. My goal with
today's column is to help sort out the real advantages and disadvantages of
deploying, managing, and supporting  Linux in a corporate environment.

Why Linux is getting so much attention
A lot of the attention Linux has received in the last few years is based
less on what Linux is and more on what Linux is not. Quite simply, Linux is
not Microsoft. In fact, Linux might adequately be termed the antitheses of

Microsoft and its products are centralized, polished (at least in terms of
image), proprietary, user-friendly, and generally pretty expensive. Linux
and its software products are decentralized (in most cases), open source, a
little difficult to use, and generally quite inexpensive (at least up front).

Much of the hype that swirls around Linux is centered on the hopes of many
people, both within and outside the IT community, that Linux will help
unloose Microsoft's stranglehold on the software market. However, IT
professionals seeking to deploy the best solutions based on sound business
principles must cut through this hype when evaluating whether the OS meets
the requirements of various situations.

The Linux security myth
The first, and most prevalent, piece of hype I must dispel is the "Linux
security myth." 

I have to admit that it was reading a number of flawed and misleading
arguments about Linux security made by members in TechRepublic discussions,
as well as the recent article "I love you, Linux!" written by my colleague
Jack Wallen, that prompted me to write this article. 

Jack and many TR members have been asserting that Linux is inherently more
secure than Microsoft's popular Windows NT/2000 platform. I strongly
believe that argument is dead wrong, and I'll tell you why.

First, I must say that few people know Linux like Jack Wallen, 

and his Linux tutorials are some of the best in the business. You can tell
from his writing that he passionately wants Linux to succeed in the IT
marketplace. I think that a lot of the TR members who are making outrageous
claims about Linux
security are Linux enthusiasts like Jack.

However, arguments such as the one put forth in "I love you, Linux!"? which
use the example that Linux wasn't hit by the ILOVEYOU virus to claim that
it is not susceptible to these kinds of damaging activities?are flawed
arguments from a network security standpoint. 

It's like saying, "Let's go to the second floor of our glass house because
the people outside are throwing stones only at the first floor right now."
Eventually, they'll start throwing stones upstairs, too, and eventually,
hackers and virus writers will start targeting Linux. 

Suggesting that a switch to Linux will keep your organization out of harm's
way is a
temporary solution, at best, and is not a good security strategy.

No operating system is inherently secure, with the possible exception of
something like Trusted Solaris, which is built entirely around security in
order to serve the needs of government contractors and high-security

The security of most operating systems (including Trusted Solaris, to an
extent) depends heavily on the configuration of the administrators who
design, implement, and manage them.

Linux enthusiasts often point to the fact that Redmond is continually
releasing new patches for Windows as an indicator that Microsoft products
are less secure. However, these numerous flaws are found because of the
sheer numbers of administrators, security experts and hackers that put
Windows under the microscope every single day.

That's not to say that Microsoft should not make security a higher priority
in its development efforts. Obviously, it should. But putting Linux under
the same microscope reveals a plethora of security flaws, too, as evidenced
by the fact that companies such as Red Hat are also continually releasing
security patches to their Linux distribution.

In defense of Linux security, I will side with Linux partisans in agreeing
that an administrator can more thoroughly lock down a Linux system than a
Windows NT/2000 system because of the open source nature of Linux and the
fact that you can get in and look at every aspect of a Linux system -=-
something that's not possible with Windows software because of its
proprietary nature.

However, security still depends heavily on the person(s) configuring it. A
well-configured Windows server is certainly more secure than a poorly or
partially configured Linux server, and -=- let's be honest -=- it's much
easier and faster to configure and lock down Windows NT/2000 than Linux. 

Nevertheless, as I mentioned above, if you have the time, inclination,
and/or necessity for providing maximum security, it is possible to drill
down further into the Linux OS and make it very secure. Keep in mind that
this takes considerable effort, and there are still no guarantees since
Linux ultimately has its own security flaws that are continually being
patched by vendors and developers, just like Microsoft.

Ultimately, my goal here has been to dispel the myth that Linux is
inherently more secure than Windows NT/2000 because, clearly, it is not.
That being said, I think we're ready to have a sane look at some of the
areas where Linux has considerable value, as well as some of the penguin's
drawbacks. Figure A shows a rundown of the Linux pros and cons that we'll
be discussing.

Figure A

A look at the true costs
You can't talk about the advantages of Linux without talking about dollars
(or whatever your national currency may be). One of the tried-and-true
methods of turning big profits in the software industry is by requiring a
paid license of your software for each machine on which it is loaded (see
Microsoft Corp). Linux flies in the face of this trend by not requiring a
paid license for using the operating system.

For example, you can buy one $29.95 Red Hat Linux CD and use it to load
Linux on 100 servers. You do not owe Red Hat any additional money and you
are still legally within the terms of the General Public License for Linux.
If you had decided to load Windows 2000 on those 100 servers, it would have
cost you in the neighborhood of $75,000 -=- if you took advantage of one of
Microsoft's volume discount programs.

Obviously, this factor alone can make Linux very attractive.

Actually, in a situation such as this, Linux can save you even more than
the cost of the licenses because the hardware requirements for Linux are
significantly less than Windows NT or 2000 for accomplishing the same
tasks. For example, whereas a Windows 2000 server really requires a minimum
of 256 megabytes of RAM to accomplish basic file and printer sharing, a
Linux server can offer comparable performance when handling the same tasks
with 64 to 128 megabytes of RAM.

Deployment and support
Another one of the most widely extolled virtues of Linux is its stability.
Once you get Linux properly configured?a task that's not for the faint of
heart or the inexperienced?you can definitely reap the benefits of
excellent stability. I have heard enough stories from other administrators
about Linux Web servers, DNS servers, and firewalls that were configured
and then not touched again for over a year to believe fully in the
stability of Linux. I can also personally vouch for the Linux firewall on
my network, which has been running without a hitch for four months, and a
Linux Web server I helped set up that ran uninterrupted for over six months.

However, this stability does not come without a price. Setting up and
configuring any kind of server functionality on Linux takes considerable
effort and often an initial period of trial and error in order to make it
work. I think it's fair to say that even for a Linux expert, it takes much
more time to configure Linux on the front end than it does to configure
similar server functionality on Windows NT/2000. 

Again, this effort is often rewarded by a stable and reliable Linux server
that does not need as much baby sitting as many Windows NT/2000 servers

What does this mean? If you are going to deploy Linux, you must have some
well-trained Linux experts around. So you'll need to train your current
staff or find some Linux consultants to assist in the process.

Either way, you're going to be looking at incurring considerable expenses
to deploy Linux.

Support is another area where Linux costs can exceed the costs of Windows
NT/2000. Linux/UNIX administration is more complex and therefore more
expensive. It also takes longer to train your staff on Linux, which
increases the cost even further. Finding Linux consultants and good Linux
support can also be a major challenge.

In addition to being more complex and challenging to configure, Linux can
be more difficult to troubleshoot when things do go wrong. This makes it
even more essential to have well-trained Linux professionals available
whenever you are deploying Linux for a mission-critical function in your

Unfortunately, finding good training programs, first-class Linux support,
and competent Linux consultants can all be challenging at this point. These
things need to be nailed down before any Linux deployments move forward.

Back to the plus side, remote administration of servers is much easier and
more efficient on Linux than on Windows NT/2000 because all administration
tasks can be accomplished from the command line. Thus, a remote technician
can dial in to the server on a phone line or make a secure shell (encrypted
Telnet) connection over the Internet and set up, modify, or troubleshoot
the server.

Not on the desktop
I have to address one final topic. Recently, I've chuckled a bit as I've
read some of the discussions and member e-mails in response to our recent
series of articles on Microsoft product activation. 

members, frustrated by Microsoft's anti-piracy techniques, have vowed to
switch their desktop machines to Linux if Microsoft continues its plans for
restriction licensing on Windows and Office XP. 

While I fully identify with their frustration, I think that nine out of 10
of the people who make this claim must have never used Linux on the
desktop. If they had, they would know that Linux still does not offer a
common, viable desktop solution.

While Linux servers are rock-solid stable, the Linux desktop is notoriously
buggy and unstable. Key Linux desktop applications such as StarOffice,
WordPerfect, and Netscape Navigator are prone to frequent crashes. 

Some Linux distributions and versions have no trouble with these
applications, while others deliver pitiful performance or can't even get
them to run. Many of those who attempt to use these applications will long
for the stability and performance of Microsoft Office and Internet Explorer. 

I believe that this is mostly due to a lack of standards between different
Linux distributions and desktop environments. Unfortunately, the Linux
desktop is inconsistent across the different platforms, versions, and GUIs.
Thus, it simply isn't ready for prime time yet.

The final word
When it comes to Linux, I am a realist and not the kind of convert or a
zealot that characterized the early Linux user base. I am the kind of IT
professional that Linux needs to win over in order to build a lasting niche
in this industry. 

In this article, I've tried to take a sober look at Linux's advantages and
disadvantages to help administrators see through the hype and make sound
business decisions when considering a Linux deployment.

How do you feel about Linux hype?
We look forward to getting your input and hearing your experiences
regarding this hot topic. 

Join the discussion below or send the editor an e-mail.
<mailto:netadmin at TechRepublic.com?subject=Article%20comment>

Copyright (C) 1999-2001 TechRepublic, Inc. 
Visit us at <http://www.TechRepublic.com>

More information about the nflug mailing list