Solaris-Win2000 Server Solaris and Windows

Solaris-win2000 Server

Solaris and Windows 2000 are both options chosen by many people as server operating systems. However, while intended to serve the same purpose, these are far from being copycat versions of the same operating system packaged and marketed by different corporations. Both systems will host various types of networks, but on Windows components interact at a very low level, while on Solaris components interact at a much higher level. With Solaris converting its licensing terms to open source, Windows remains a far more expensive and inferior choice for many reasons which will be detailed in this comparative and informative paper.

COMPARISON

Solaris and Windows 2000 server are both popular server operating systems, however, it would be difficult for two systems to be more different. Solaris is the product of combining Berkeley Software Distribution and AT&T System V Unix. Windows 2000 is an evolved version of Windows NT, which contains technologies from DOS and OS/2, with some inspiration from VMS. Both systems are suitable for hosting various types of network services including web, print, file and database applications. Windows is a tightly integrated system which allows components to share data and interact at a very low level. Solaris is highly modular; components interact at a much higher level by passing data as plain text. Windows has several different ways of abstracting hardware configuration and system configuration. Solaris uses human-readable plain text files for configuration and represents hardware devices as files. Solaris offers support for much more powerful hardware than Windows 2000 does, as well as three major architectures instead of only one. Until recently, Windows 2000 and Solaris had similar licensing term, charging different fees based on the number of processors in the server and the number of clients that need to access it. Sun is switching Solaris to an open source license, offering the software free of charge and earning money from support contracts. Solaris support contracts are significantly less expensive than Windows 2000 licenses. Solaris offers improved data integrity relative to Windows 2000 due to the features of both of the primary filesystems available compared to NTFS. The Solaris system of text-based configuration files is also more robust and easier to back up than the Windows 2000 registry. Solaris is a technically superior operating system; Windows 2000 Server should only be used in cases where specific software that requires it is needed.

Windows 2000 and Solaris both offer the ability to provide a wide range of services to clients running on a variety of platforms. Windows 2000 is optimized for providing file, print and directory services to Windows clients. The Samba software provided with Solaris for file services to Windows clients outperforms the built-in file sharing on Windows Server by a factor of 2.5. Solaris is designed to perform well for a variety of applications, especially databases and web serving. Solaris has traditionally been the platform of choice on which to host large databases. Windows 2000 can be used to run large databases as well, but does not approach the functionality of Solaris.

Windows 2000 Server runs on servers based on personal computer technology. Intel x86 and compatible processors are the only ones supported. Up to 8 processors and 8 gigabytes of memory are supported on generally available versions of Windows 2000 Server. The limited-availability datacenter version supports up to 32 processors and 32 gigabytes of memory. Solaris ships on servers with 128 processors and 512 gigabytes of memory. In addition to Intel x86, Solaris fully supports the next-generation x86-64 architecture and Sun's own UltraSPARC line of RISC processors.

Unix was designed from the beginning for simplicity. Everything on the system is represented as a file. Device drivers abstract hardware as files; applications interact with hardware by reading from and writing to the device files. Configuration is stored by the system and applications in plain text files. These text configuration files are readable by the administrator, allowing any application to be reconfigured manually. Unix configuration files allow internal documentation through the use of comments. Comments are lines in the file that are ignored by the program when loading it. Most default configuration files contain comments explaining how to edit the file. Administrators writing complex configuration files usually write comments explaining how and why a certain configuration is used as hints to themselves and future users for future troubleshooting. Plain text files are scriptable by nature, allowing administrators to create a general setup, then have a script automatically configure the details specific to a given environment. Configuration files for more complex software are often written in turing-complete programming languages, which means that behaviors that the software's authors could not envision can be expressed in the configuration file. A common example is mail server software. Routing of electronic mail has become exceedingly complex; an open-ended configuration syntax is the only way to allow administrators to express the required options. For this reason, most mail servers running Microsoft Exchange, which does not use this type of configuration file are positioned behind a Unix mail gateway running Sendmail, Exim or Postfix, which do. Text configuration files are easily backed up, copied between different physical and virtual machines and restored. Corruption of configuration files by programs is rare because they are easy to check for syntactic correctness. In the rare event that a file is corrupted by a program, or the more frequent event that it is corrupted by a careless or incompetent administrator, it can be easily repaired by a competent administrator with a simple text editor.

Windows 2000 stores most of its configuration information in a binary database called the registry. Values are generally put in to the registry by graphical configuration screens within Windows and third-party software. Manual editing of the registry is possible, but generally difficult for several reasons. First, there is no provision for comments or any other type of internal documentation; information about registry keys must be in an external source of documentation, which frequently does not exist or is not made available to the public. Second, registry keys usually have fewer contextual hints as to their meaning than configuration files. Third, the registry requires specialized software to edit; generic tools like text editors cannot be used. Windows 2000 does provide options for backing up the registry, however it does not make backing up specific sections easy. A complete registry cannot be transferred to another machine unless the hardware and software environment is identical. Despite the fact that such copying is technically possible under the ideal circumstance of identical servers, it can create legal problems with licensing. Windows, and many third-party programs store license information in the registry, and provide no standard way to enter separate licenses for each machine when the registry has been copied. It is generally possible to manually edit the registry on each server and enter unique license codes, however, the location of the keys containing the license information for each application is unlikely to be well documented. It is possible to script any registry change that can be made manually, however, determining what changes to make with a script has all the problems that making manual changes does. The registry is prone to corruption, and once corrupt is difficult or impossible to repair. Even Microsoft believes that the registry is suboptimal; Unix-like text-based configuration files are planned for the next version of Windows.

Solaris is made up of multiple components, most of which are optional. Most servers, for example do not require a graphical user interface, and Solaris does not require the administrator to install one. Windows 2000 does not allow users a choice about the installation of most components. Not only is a graphical interface required, but a web browser and a media player are tied to the system. No serious system administrator would surf the web and watch videos on a server. To make matters worse, Internet Explorer and Windows Media Player are a constant source of security holes in Windows. No software sufficiently complex to be useful is free of bugs, so having any unnecessary software installed on a server reduces its security and reliability. Solaris allows unnecessary software such as web browsers and media players to be left out during installation, or easily removed. Of course, such software is available for Solaris workstations or dual-role machines. Many of the components of Windows 2000 Server are tightly integrated; they share data space in memory or communicate using low-level application programming interfaces. A bug in one component can cause undesired behavior, including security breaches in other components. Components of Solaris communicate by passing simple streams of text through pipes, sockets and temporary files. In general, a flaw in one component will be isolated from others, limiting the potential for damage. The large storage capacity of modern servers means that the disk space used by the operating system is of limited concern, however, the amount of RAM and processor time used by an unnecessary component in a heavily loaded server is a serious concern.

Though Solaris does not require the installation of a graphical user interface, several are available for it. The traditional Unix Common Desktop Environment should satisfy long-time Unix users, though most people are likely to find it to be crude and dated. The GNU Network Object Model Environment is a modern desktop environment that strives for simplicity, similar to Mac OS. Gnome has all the features modern users expect in a desktop, though experts may be disappointed by the fact that many decisions are left out of the hands of the user. Experts are more likely to prefer the K. Desktop Environment, which provides a configuration switch for nearly everything that could be done in more than one way. KDE is the most popular desktop environment for Unix.

Windows 2000 offers only the default Windows user interface. The Windows shell is dated in comparison to Gnome or KDE. Though consistency and familiarity are beneficial, Windows lacks user-interface features like multiple window focus models and virtual desktops that are common to almost all Unix graphical environments. The Windows interface does offer several different color schemes and animated mouse cursors.

Windows and Solaris both offer similar technologies to assist physically impaired users in accessing and using the system. Such technologies include adjustable styles in the user interface, screen readers and magnifiers. Solaris comes with better built-in support for software-based assistive technologies, including on-screen keyboards and screen readers than Windows 2000 Server does.

Windows 2000 Server is licensed based on the number of processors and the number of users accessing the system at once. Additional processors or users result in additional fees. Solaris is now being offered free of charge. There are per-processor subscription fees for service and support, which are significantly lower than a Windows 2000 Server license. Standard and premium support packages include telephone support, for which Microsoft charges additional fees. Standard support for Windows 2000 Server products ends on June 30, 2005.

Sun currently provides support for six versions of Solaris, with full support available on three and no end of life date yet announced for two. Major components of Solaris are expected to be released under an open-source license, allowing users to modify the system. Merely viewing Windows source code legally is nearly impossible, and making changes is strictly forbidden.

The clear separation of components of Solaris gives it an inherent security advantage over Windows 2000 Server. Specific features further separate the two operating systems in the field of security. Access control lists in Windows 2000 allow administrators to express sophisticated permissions for access to files, but file permissions cannot express a complete security policy on a Windows server since many Windows APIs are not based on the use of files as an abstraction layer

Solaris supports similar access control lists, which provide for a more complete security policy on a system where nearly all operations are performed through file access. Solaris also supports role-based access controls, which allow for permissions based not only on the user account a process is running under, but also on what task, or role the user is currently performing. Role-based access controls allow the administrator to restrict potential damage from a security breach to the areas to which a given service requires access. For additional security, Solaris containers allow processes to run inside sealed areas of the system, with a network interface being the only way to communicate with the rest of the system. A process running inside a container is no more dangerous than if it were running on a different physical machine connected by a network. When containers are properly used, attacking one service to gain access to another becomes ineffectual.

Virus and worm outbreaks have affected Windows users for years, but self-spreading malware is rare in the Unix world. The SQL Slammer worm of 2003 crashed systems ranging from automatic teller machines to control systems is nuclear power plants. Microsoft likes to pretend that the proliferation of malware is due to the popularity of Windows, not anything having to do with its design. Worms, including the highly disruptive Nimda and Code Red have consistently plagued users of Microsoft's Internet Information Server, which has just over 20% of the web server market. Apache, which has nearly 70% has been relatively free of malware and has never had an outbreak on the scale of Nimda or Code Red. Malware authors may prefer to code for the most popular software, but only do so as long as it is convenient. The inherent security of a platform is the primary factor that determines the likelihood of a damaging malware outbreak. Solaris is inherently so much more secure than Windows that a major outbreak of malware will probably never occur, regardless of any changes in market share.

Windows has a well-deserved reputation for unreliability. Every experienced Windows administrator has seen the infamous blue screen of death that indicates the system has come to a grinding halt. Most Solaris administrators never have to reboot their servers. Windows was designed for single user personal computers; having to restart the computer was never considered a serious problem.

Unix was designed for multiple users. Restarting a system with a large number of users working on a variety of tasks at once is a serious problem, and Solaris goes to great lengths to avoid it. While such trivial things as a web browser update require a full restart on a Windows server, Solaris only requires a reboot when the kernel is upgraded. Rebooting a server that is providing mission-critical services to a business can have a significant financial impact.