Linux vs. Windows as a server (Web/email/database) 3

[HenryMonster]

Hi All,

I am looking for your advice:

I am about to start a project for a small maritime shipping company. That's briefly what they want:

- all servers should be kept on their site (they have a T1
internet connection);
- e-mail server to host company's e-mail,
- Web-server which should host their web-site (quite
simple) to just present the company to the outside world
and provide informatyion on their services
- Several Web-based applications available to the company
employees, which would allow to enter new orders, track
shipments etc.

The company does not want to overs pend but at the same time they can shell out some funds and go for W2K, MS SQL server, ASP etc.

My question is: would you recommend using Linux for these applications ? Basically the company is extremely interested in the stability of this system.

If going Linux way, what kind of security measures should be taken ? Are there well know seciruty breaches in Linux and there are patches that should be applied ?

One more question: are there VPN implementations available for Linux ?


Thank you very much in advance,


HenryMonster.

 

[pupu]

There are VPN solutions that work good (FreeSWAN, for example). Of course there are known security problems, you really should check updates for your chosen distribution, subscribe to announcement lists etc. But the major question is - are you familiar with development for Linux and with administering it? It is pointless to choose Linux when you are MS guru and your customer has the money ready. Yes, Linux can serve great in all areas you named and it will cost you nothing - BUT if you will lose 6 months learning things that you already know on another platform, it is IMHO pointless.

 

[Norwich]

Assuming you are happy with the learning curve, the requirements are 'standard' linux/open source services.

The database could be mysl or postgresql (the most popular) but there are firebird and now SAP's open source database system.

The webserver would be apache and you would most probably use the php scripting language to interface the webserver to the database (much as you would use IIS and ASP to interface with MSSQL).

An Email server would be handled by using a standard delivery agent (sendmail or postfix), local spoolfiles and the POP3 or IMAP services to deliver to the client.

The distro you choose should have a patch/update delivery system - though some may want you to pay a support contract for all the bells and whistles. Saying that, the Debian distro will take care of this for you all under open source code but it is not a distro for beginners.

Personally, having used this kind of set up and the MS equivalent for far too many years to admit to, I would go with the Linux solution for a small cost-concious company. The advantages for the MS solution would be if you wanted a synchronised database or synchronised email system. saying that, with many remote offices, Linux is the far better system to remotely monitor and administer.

As for VPN and firewalling, you may want to spend some of their money on 'corporate' firewall/VPN systems rather than go 'pure' open source as they can be tricky to learn and administer. I would recommend having a look at Astaro (astaro.com). It's still linux based and used the standard open source services and facilities (squid, iptables, freeswan) so you can dig around but has a quite nice administration / reporting / update system on top and very good VPN facilites.

 

[sleipnir214]

An excellent post, Norwich. A star for you.

The only thing I might mention is the cost factor. PostgreSQL compares well to MSSQL, but MSSQL will cost you more than $10000 for the licensing necessary to use it as a web backend. Not to mention licensing for the OS on which it must run.

For the savings in software cost, you could upgrade servers, add a standalone firewall machine, and license RedHat's upgrade system.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!

 

[Norwich]

And for completeness, you don't need to use a wholey Linux or MS based system. You can put mysql and php on an IIS server as the database backend. Similarly, you could have MS running everything but a single linux box doing a mail server - exchange can be expensive.

 

[pollux0]

I grew up on MS and started networking on MS but have recently started a switch over from MS to Linux at our corporate office. We have done this for many reasons:

1.cost
2.privacy issues with MS and MS programs
3. Stability is very opinionated. What makes something unstable? Hackers, bad code? It depends. Many people claim they go months w/o rebooting a linux server. We reboot our MS servers once a week.
4.MS will no longer support its NT product line forcing everyone to purchase 2003. With Linux you will not be forced to do anything. I expect this to happen to WIN 2000.
5.You do not need a graphical interface on a web/email/database server which saves GBs of room and MBs of memory. You can install a linux web server without the bloated OS that comes with Microsoft.
6.You cannot install MS Exchange without setting up a domain/domain-controller first. (very insecure)
7.Linux's Postfix was written by a security expert who put efficiecy and security first.
8.Most virui and hacks are aimed at the MS operating system environment
9.MS's SMB protocol is a pain in the ass. It cannot be SNAT'd with a firewall.
10.MS will soon force automatic updates and activation on its operating system.(atomatic updates is a no-no on critical servers)
11.Most importantly, even with a high learning curve, you will feel more satisfied with building a Linux Box.

However I think MS Active Directory and desktop software is far superior than anything Linux has to offer and very helpful in an office environment. It gives lots of power to office administrators.

 

[PcLinuxGuru]

Great posts...

I would like to comment on Poluxx's statement on Active Directory...

As a project I was able to duplicate Active Directory for Linux. Basically all the client workstations were win2k and all my servers were Linux... Although it did take me a long time (3 months) because I had to learn Windows2000 Active Directory and how I can do the same thing in Linux... The bigest part was LDAP, Kerberos, Samba, Bind, and ISC's DHCP (DDNS).

Just like all other MS software everyting is just pre-built for you and you don't really see what it's doing.