Novell SLES9 vs Windows2003 Server
Introduction With Novell's recent release of their SLES9
server (Suse Linux Enterprise Server), I decided to compare their new
offering against Microsoft's Windows 2003 Server (Enterprise Edition) in a
Windows based network environment. Can SLES9 be a viable server solution
as an answer to using a Windows 2003 Server?
This article will
compare these two server products in a small to medium sized Windows
network environment. I will be using the following categories:
reconfigurability, basic administration tasks, server tasks, file system
performance, overall cost and user/computer management. These are basic
functionalities that every network server needs to
provide.
Microsoft's Windows 2003 Server Microsoft's
Windows 2003 Server (Win2k3) was released on 24 April 2003, and is the
fourth major Server Operating System released by Microsoft in the 10+ year
history of their NT product line. Win2k3 also continues on the development
of Microsoft's Active Directory management database. Active Directory was
first introduced with Windows 2000 Server, and has gone through some minor
changes, especially in the field of maintainability and
usability.
Novell's Suse Linux Enterprise Server
9 Over the past 8 years Novell has had a steady drop of sales of
their Netware product line, mostly losing customers to Microsoft's NT
Server line. In light of this fact, Novell decided to make drastic changes
to their business model. Late last year (2003) Novell purchased two
businesses that specialized in products based around the GNU/Linux
Operating System. One of these companies, Suse, maintained a very popular
“Linux distribution”.
Suse Linux Enterprise Server 9 (SLES9) is the
third "Enterprise Server" released from Suse, which in turn is based on
Suse Linux. Although SLES9 is the second Linux Operating System released
since Novell purchased Suse, it is the first to actually contain any
Novell branding.
Novell is planning to port most of their
networking products to SLES, and their first major release of these
products, Novell Open Enterprise Server, should be available in the first
part of next year (2005). Novell's OES should include most of their
popular addons, such as Zenworks and the Nterprise services, as well as
introduce some new products such as iFolder.
For more information
on the history of SLES9, visit the wikipedia sites for Suse and Novell
Netware.
Server
Administration Most Servers will evolve over time,
usually adding services, changing settings or simply fixing minor problems
and annoyances. A server operating system should contain easy to use tools
and utilities to help the administrator handle these issues. Both Windows
2003 Server and Novell's SLES9 Server utilize a central location for all
server administration tasks that need to be done. Windows 2003 uses the
control panel, the MMC and the Manage Your Server wizard, while SLES9 uses
Suse's Yast program.
Win2K3 - Control Panel and
Wizards What really sells Windows 2003 Server to businesses is the
fact that it looks and is configured in pretty much the same way that
Windows XP is. Managers continue to believe, rightly or wrongly, that if
the server is configured in pretty much the same way as what most people
use at home, then it should be easy for their Administrators to maintain
the server. I believe this can be true to an extent, but what usually
happens is more and more "Administrators", qualified or not, try to
maintain the server as they do their workstations. The result is that the
server soon becomes unorganized and possibly less secure, especially when
more than one person "configures" the server.
Any administrator
familiar with Windows XP and has any Windows Networking experience could
get Windows 2003 Server up and running quickly. This is due in large part
to the inclusion of "server wizards" that are accessed through the Manage
Your Server program.
Windows 2003 Server Configuration
Utilities
Microsoft includes wizards for nearly every
server task that Windows 2003 Server can accomplish. These wizards also
utilize somewhat sensible default values when services first get
installed. This is very important because with most installs on small
networks, the Administrator will in fact keep the defaults as-is. "Why
change something that works" is usually the mantra. Although the down side
of this, of course, is the fact everyone else knows how W2k3 Server sets
up all the services by default. So, it can be relatively easy for a
"cracker" to break into a system once a security issue is discovered with
a service that is enabled on the server.
Most of the other server
configuration tasks can be handled through the "Control Panel", which is
very similar to Windows XP.
SLES9 - YaST Novell's answer
to server administration is to include the ability to adjust nearly every
aspect of the server through a single program - YAST. The YaST (Yet
Another Setup Tool) application has been in active development for nearly
as long as SuSE's been in business (early 1993). YaST has been recently
licensed under the GNU GPL (General Public License) so other companies can
take advantage of the development, as long as they contribute back their
accomplishments.
The YaST program is very straight forward and is
very thorough on what aspect of the server you can adjust. YaST allows you
to change everything from network settings to how the apache web server
functions. Although YaST also utilizes wizards, if you know how the
service should be setup it is easy to get the service up and running to
your specifications. This is quite a bit different than the "cookie
cutter" wizard approach that Microsoft's Win2k3 Server uses.
Configuring SLES9 through the YaST
application
An advantage that Suse Linux Enterprise
Server has over the Windows counterpart is the fact that you do not need
to use a graphical display to adjust server settings. SLES9 is built on
top of Suse Linux, and all of the servers can be adjusted either through
the command line, or by simply modifying a text file. If the Administrator
is knowledgeable in Unix/Linux administration, SLES9 can become very, very
customized to your network environment. Microsoft is gradually adding more
and more command line administration utilities to their server solutions,
but currently they are no match for the power of a Unix/Linux
shell.
Overall, it "feels" as if you have more control over your
server when using SLES9 compared to Windows 2003. When you use the wizards
in Windows 2003, it seems as if you are relying on the software to
configure everything about a service, which is fine until something goes
wrong. SLES9 seems to be much easier to troubleshoot and fix than Windows
2003.
Remote Administration Both Windows 2003 Server and
Suse Linux Enterprise Server offer the ability to remotely administer the
server. Win2k3 server allows the Administrator to either remote control
the server, or to log in remotely using Windows Terminal Services.
However, both of these solutions do require you to have a somewhat fast
connection in order to get anything done. Windows 2k3 Server also allows
certain administration programs to access the server's resources over the
network. Programs such as Microsoft Management Console (MMC), the registry
editor and the Event Viewer allow remote connections in this
way
SLES9 offers a few ways to remotely administer the system.
SLES9 includes a VNC server that will allow you to remote control the
server from either a VNC client or a java enabled web browser. You could
also setup a remote X11 connections to allow you to remotely login from
another computer (not recommended for security reasons). You can also
utilize the Secure Shell that is included with SLES9. The secure shell
approach is by far the most secure and most popular way to remotely
administrate the server. Not only does it give you an encrypted shell
connection, but you can also forward any port, including the X11 display
through the SSH connection. So, for instance you can remotely log in using
SSH with X11 forwarding enabled and either run YaST from the command line
or forward the graphical YaST program to your local workstation using
"gnomesu yast2".
Various ways to remotely Administer
SLES9
Overall, if the Administrator is knowledgeable,
SLES9 is by far the better solution when it comes to actually managing the
server and all its services. Not only because Suse's YaST tool has more
features and is easier to use, but also since you have the option of
controlling just about everything from the shell.
Server
Administration Leader: SLES9
User and Computer
Administration
One of the most important and most used
tasks in a network is the addition and management of users and computers.
It is essential that all Administrators(and sometimes Power Users) have
the ability to create, modify or delete user accounts, the easier it is
the better.
This is where Windows 2003 Server really shines using
it's Active Directory. Active Directory is simply an LDAP (Lightweight
Directory and Access Protocol) server (plus other components) that
contains the user and computer accounts. What really sets Active Directory
apart however is the addition of a very easy to use, powerful client
application that controls the user/computer database.
Using Active
Directory it is very easy to add/remove users, sort computers, create
containers for various users, etc. The power of this quickly becomes
apparent when you need to quickly adjust the settings for a group of users
or computers. Say, for instance you want to set the home page of all the
sales people to the company's stock page, you simply need to create a
custom policy that will do this for you and simply apply it to the sales
container.
Administering Users through Active Directory and
YaST
Suse Linux Enterprise Server also, by default,
stores all of the user account information into an LDAP server, but
unfortunately the included Samba server does not utilize the LDAP back-end
by default, you have to manually configure Samba to use the LDAP server
for authentication, which is easy.
Since both Active Directory and
Samba uses LDAP, Does this mean that the Samba server on SLES9 can be a
used as an Active Directory Server? No, Samba is not meant to be a drop in
replacement for an Active Directory Server, although it can be added to an
existing Active Directory tree. In order to add users to SLES9, you simply
need to add them utilizing the YaST program, the shell useradd command, or
any other program that will allow you to add users to the system.
Computers can be added "on the fly" from the workstation when you add the
machine to the domain.
Overall, it is much easier to maintain Users
and Computers with Windows 2003 Server than it is with SLES9. Although it
is still not that difficult to do using SLES9. The weird part of this
functionality is the fact that Microsoft's Active Directory feature is
simply a re-implementation of Novell's Directory Services. However, once
Novell's Open Enterprise Server is released, this may be a moot
point.
User and Computer Administration Leader:
Win2k3
"Out of the Box" File Serving
Performance
One of the main issues you want to look at
when purchasing Server software and hardware is how well it will perform
as a file server, especially on a Windows based network where you have to
deal with "user profiles".
Windows User Accounts
Overview On a Windows NT/2k/XP based network, every user will have
a domain user profile. The profile stores all of the user's settings,
Internet bookmarks, etc. and how you implement profiles is dependent on
how the users work on the network and how much control you want over the
users. There are 3 basic profile types you can use. Local, Roaming and
Mandatory profiles.
(In a nutshell) Local profiles are simply
stored on the local machine that the user is on and if they adjust a
setting on the machine, it will not be changed on any other machine.
Roaming profiles are stored on a central server and will be downloaded to
the local machine every time the user is logged on and will also be copied
back to the server when the user logs off. The good thing about roaming
profiles is that if you adjust something on one machine, the other
machines will also use that change. Finally, Mandatory profiles are
basically roaming profiles that the user cannot change, they will be
copied to the local machine on log on, but will be deleted on
logout.
In theory, roaming profiles are the way to go for most
networks, not only because the users do not have to use the same computer
to retain their settings, but because it also inadvertantly gives you a
backup of every user's profile and the profiles are stored in a central
location. Unfortunately, when roaming profiles are implemented they can be
a huge performance hit on your servers, especially if the users login or
logout at the same time.
Now that you somewhat understand why file
sharing performance can be very important for logins as well as for
sharing files, lets get on to the the benchmarks.
Benchmarking
Environment The computer hardware used in benchmarking both
Operating Systems consisted of :
AMD Athlon XP 3000+ ( 400mhz
FSB ) 1 GB DDR Memory Gigabyte 7N400 Pro2 Motherboard (nforce
2) Adaptec 29160 SCSI Controller 40 GB Seagate Cheetah Hard Drive -
15,000rpm - latest version Gigbit Network Controller (on
motherboard) NVidia Geforce FX 5600 (as if this
matters)
To keep the number of variables to a minimum, I
specifically chose hardware that has mature drivers on both Windows and
Linux. I also stayed away from implementing any type of RAID in this test
setup. Most servers should use a RAID implementation, but for this
comparison I decided to only test the software on a solid hardware
foundation for both Operating Systems.
For the clients I utilized a
computer lab which consists of 20 NT4 Workstation computers ranging from
Intel Pentium 3 - 733mhz computers to AMD Athlon XP 2600+ computers. Most
workstations are directly connected to the same HP Managed switch as the
Server, although 5 were connected to a small Dlink switch, which in turn
was connected to the HP switch (Surprisingly, I did not notice any
performance hit on those 5 computers).
For both Server Operating
Systems, I simply used the default installs, loaded updated hardware
drivers, updated each OS utilizing Windows Update and YaST Online Update,
then set up a simple share that the Windows Clients could access. These
results are what you will get "out of the box" for both products. I am
sure that both products could be "tweaked" to improve the benchmarking
scores, but in my experience, most network deployments will mostly stick
to the default install, which is then customized to their network and
domains.
Legal Stuff - The benchmarking suite I used was
NetBench from Zonelabs. NetBench(R) is a registered trademark of Ziff
Davis Media Inc. or its affiliates in the U.S. and other coutnries. PC
Magazine's NetBench(R) version with the standard system Test Suite DM.TST,
with the following adjustments - The number of clients were changed from
the defaults to the following - 5 clients (using 5 computers) - 10 clients
(using 10 computers) - 15clients (using 5 computers) - 20 clients (using
20 computers) - 25 clients (using 5 computers) - 30 clients (using 10
computers) - 40 clients (using 20 computers) - 50 clients (using 10
computers) - 60 clients (using 20 computers) - 80 clients (using 20
computers) - 100 clients (using 20 computers). The test was performed
without independent verification by VeriTest testing division of
Lionbridge Technologies, Inc. ("VeriTest") or Ziff Davis Media Inc. and
that neither Ziff Davis Media Inc. nor VeriTest make any representations
or warranties as to the result of the test.
As you can see I only
used a total of 20 computers, which in turned emulated up to 100
computers. This may have had a impact on the results, but when I tested 5
computers emulating 20 computers against 20 computers, the numbers were
pretty much the same, so I assume this did not matter
much.
Results
The throughput graph displays how much
data the server can "dish out" with the number of clients requesting data.
The response time shows how quick the server is able to provide the data
to the clients depending on the number of clients requesting data at the
same time.
As you can see from the graphs, Novell's SLES9
pretty much more than doubles the performance of Microsoft's Windows 2003
Server on the exact same hardware in both categories. This is very, very
impressive, and shows the strengths of both Samba and the Linux kernel, as
well as the attention to detail Novell/Suse employees had when
implementing the default settings.
With this hardware Windows 2003
Server seems to max out on performance at approximately 30 Clients with a
throughput of about 135Mbps, where SLES seems to max out on performance at
approximately 60 Clients with a throughput of about 255Mbps. The response
time is also about twice as fast on SLES9 than on Win2k3 on the same
hardware. So, in theory, you can handle twice as many clients on the same
hardware using SLES9 compared to using Windows 2003 Server. For the actual
numbers you can view the OpenOffice.org calc sheet here.
For this article I tried different
ways to improve the scores for Windows 2003 Server without touching the
default install (which is what I am testing). This is why I only used
Windows NT 4 Workstations since they provided better performace than
2000/XP did. I also ran the benchmark 5 times for Windows 2003 and took
the best times from each benchmark (i.e. I took the best 5 computer
results, the best 10 computer results, etc.), whereas with SLES9 I ran the
benchmark 3 times and randomly chose one of the results (and it wasn't the
best one).
After running the benchmarks for the article, I also
tried to search the Internet for tweaks to the default install to improve
Windows 2003's performance, and after applying all the tweaks I found, all
I could get was maybe a 10-20% increase in performance. If anyone knows
how to really increase the performance of Windows 2003, let me know and I
will create an addendum to this. Apparently there has to be some magic
voodoo you can do to gain performance on Windows 2003 Server since
Microsoft continually states that Windows 2003 outperforms
Samba.
Performance Leader: SLES9
While implementing
this benchmark, I found a few interesting facts about our network. First,
if you run Norton Antivirus on your workstations, you are definitely
taking a massive hit. On the NT 4 machines, the usual throughput until the
server gets maxed out should be around 6Mbs, with Norton Antivirus enabled
it dropped to just over 1Mbps. On the 2000/XP machines I was going to use,
the hit was not as dramatic, but it still dropped from 5-6Mbs to just over
3Mbps.
Another issue I found interesting with the NT Workstations
was the fact that the 3com 3c905 adapters performed horribly with the MS
drivers included with Service Pack 6a, but an install of the latest
drivers from 3Com fixed the performance issue.
Compatibility and
Pricing
Compatiblity
In
today's software world, one of the issues you need to consider when
implementing a network system is the softwares compatibility with other
software. This not only means, does the software work with the given
solution, but in many cases, is the software supported on the given
solution.
Unfortunately software companies do not like to take the
blame for any malfunctioning software, even if they are responsible they
like to "pass the buck". I don't know how many times I had to deal with
software support personnel telling me that the cause of the error has to
do with the server software not being supported, then still having the
problem after transferring everything to a "test network".
At the
current time, this usually means that if you are not running a Microsoft
Server, many software companies will not support the installation. So,
when deciding upon the server platform, it is a good idea to find out what
software the users are running to find out if the companies have a
"servers supported requirement". Most software companies will usually
support both Microsoft and Novell Servers, and I am assuming that they
will also support Novell's SLES9 servers.
On the flip side,
Microsoft Servers do not interact very well with other vendor's servers.
An example: If you are going to use Active Directory, Exchange Server, or
most of the other servers Microsoft provides, do not even think about
using anything but a Microsoft DNS server. This is why I really got a kick
out of Novell's Ad - "Random Access: Freedom to choose SUSE Linux or any
other software you damn well please." - It kind of hits the nail on the
head.
Before you implement any server solution, be sure to ensure
all applications will at least run properly (be supported if needed) on
the chosen architecture. Also keep in mind that if you do choose a
Microsoft solution, be sure to calculate the expense of replacing any
servers that might interfere with the functioning of Windows Server
2003.
Compatibility Leader: Win2k3
Pricing
Cost wise, these products go in a
different direction. Novell prices SLES9 on a per server basis, where as
Microsoft prices Win2k3 not only on a per server basis, but also on the
number of clients that actually connect to the server.
Novell's
price for SLES9 (x86 and AMD 64 architecture up to 2 processors) is $349
per server per year. This includes however many clients you may connect to
it.
Novell's SLES9 Pricing
Microsoft's pricing
is a little more complicated.
Microsoft Windows 2003 Server
pricing
First off there are different versions of Win2k3
Server available, once you figure out which version will suit your needs,
then you must calculate how many clients will actually connect to your
server, then finally (apparently) you must then decide if you have to
purchase a "connector" license (not sure exactly what that is). So, the
following chart compares the different prices for each server, depending
on the number of users and architecture. All prices were computed using
each companies web site, and Windows 2003 Enterprise Version is required
if you want to use a 64bit processor.
As you can see, using Windows 2003 Server, as
the network grows, so does the cost of the server software. This is one of
the drawbacks of using any software that requires you to have a seperate
"Client Access License" (CALs) for each computer accessing it's resources.
Fortunately Novell did not take the CAL route when pricing their SLES9
Server. Let's hope Novell takes the same route when they price their Open
Enterprise Server (I highly doubt it though).
Pricing Leader:
SLES9
Conclusion
As you can see, Novell's SLES9 is a
very worthy contender to Microsoft's Win2k3 Server in a Windows
environment. Not only does SLES9 perform better on the same hardware, but
it costs less – possibly more than 1/10th the cost of a Microsoft
solution. So most of the “Lower Cost of Ownership” talk coming out of
Redmond is either just plain false, or they think people cannot comprehend
anything relating to computers that is not a Microsoft Solution.
Is
SLES9 a perfect solution for every network? No, you still must factor in
all issues before deciding upon the server software. Especially find out
if you may have issues relating to software support from other vendors.
Until Linux Servers become more popular in the Small-Medium network
environment this will always be an issue.
For ease of
Administration, Microsoft's Active Directory is a nice utility to manage
the network.....but is it all that Microsoft says it is ? Most network
installations that I have come across that utilize Microsoft Windows 2000
and 2003 server do not take full advantage of Active Directory. Mainly
because they either don't know how to properly implement it, or they
utilize login scripts to accomplish basically the same thing. As a matter
of fact, a lot of the Administrators I know that handle larger Windows
Installations (500+ computers) just use the basic features of Active
Directory and use either ScriptLogic, Kixtart, or another scripting
language to manage everything else. A few that I know even went to the
extent of getting away from roaming profiles by having the login script
create the user profile “on the fly” and just blow it away after the user
logs off.
There are many other issues to consider when choosing a
server platform that were not covered here. The first step you should take
is figure out exactly what you want the server to do, then go from there.
Other issues could involve disaster recovery, security
monitoring/Intrusion Detection, "other than Windows" client access,
clustering, other servers (such as Web Server,Database Server),
etc.
Currently, unless you are going to take full advantage of
Active Directory, or you have a vendor that refuses to support their
product on anything but a Microsoft product, I cannot find a legitimate
reason for anyone to choose Windows 2003 Server over Suse Linux Enterprise
Server 9, especially for the price that Novell is selling it for. Novell
has a golden opportunity here - First they need to start pushing SLES9
more. Second, once all the components of their “Open Enterprise Server”
are finished, do not utilize outrageous pricing or licensing. It is much
better to have 1,000,000 customers pay you $1,000 - $5,000+, than have
10,000 customers pay you $10,000 - $50,000+.
With SLES9, it's not
"Where do you want to go today?", but Where do you want to be at for
tomorrow's technology?
|
|