Slashdot Mirror
World Govs Choose Linux For Security & More
pjones writes "Government Technology reports that "For reasons of national security and national pride, government officials in countries like China, France and Germany are increasingly adopting the free, open-source computer operating system known as Linux." Noted in the article are China's Red Flag, NSA's Security-Enhanced Linux and much more."
But it makes sense for governments not to use software developed by US companies. I don't expect all of the customizations made by the Chinese to be released publically, but at least they are using Linux. As the timeline goes to infinity, free OSes, like Linux and BSD must prevail.
And the reason why they don't is beyond me. Truthfully, if the reason is to support "our" software industry, its just pathetic. They even charged MS with being a monopoly.
The real problem is that no one in the government knows any better. Why the hell do you think we get all these crap laws like DMCA in the first place? Its cause the very loud kaa-ching sound of coins in big business's pocket drown out the yells of the under-funded consumer group lobiests. And the fact that there is only maybe 10 people in congress who had a person computer before the age of 20.
Needed for Linux: 1) Easier installation and configuration. 2) Better documentation
3. Nice deployment tools, like Microsoft's Remote Installation Services, where a brand new computer with a bootable network card (or boot disk) can be booted up, press F12 and an entire pre-configured workstation image is downloaded and installed on the workstation. Complete with Office, etc, etc. Workstation hardware independent as well. (the image can be for a SMP machine and the workstation a non SMP machine).
Or group policy with inteliMirror, where workstations upon bootup can download and apply the latest office service pack (bug fixes, whatever) from a centeral server.
We are deploying this technology at the moment and it is VERY cool.
It's good to see people are finally realising that in using Microsoft products they are losing comptetive advatage. They're exposing themselves to the mediocrity of MS and all the dangers it entails. Improved security in Linux is just one example. As the net and IT infrastructure becomes increasingly improtant into the future, companies will realise the folly of blindly following Microsofts lead.
Reliable, Great Value Hosting: $7.95/mo 2.4G/120G
boot - net install
been doing it for years. sorry, yet another pathetic attempt at catch-up for m$
This guy knew enough to say that he hadn't the expertise, but he would like to accept their offer and bring some experts from the from the Bundesamt fuer Sicherheit in Informationstechnik and, of course, the Chaos Computer Club. Microsoft Germany did not respond after that.
To be honest, it could have been a good advertisement for MS if these guys had passed Win2K, but oh well, obviously they had their doubts.
See my journal, I write things there
"Microsoft Web server software powers about 30 percent of the world's Web sites -- and 62 percent of the sites that have been hacked, according to data collected by two Internet sites, Netcraft's Web Server Survey and the Alldas Defacement Archive."
It's not just the Government, schools are switching as well!
We just finished switching servers to (SuSE 7.3) linux (vs Novell) for Wentzville, Missouri school district. (wentzville.k12.mo.us) The workstation machines might be next!
Not because anyone hates Microsoft or Novell, just because it was going to cost them a minimum of $13,000 a year for Novell licenses and who knows how much for Microsoft licenses.
They simply can't afford it and don't want to resort to piracy as so many other schools and companies have.
On top of that their getting a lot of added functionality they didn't have previously such as in house email, dns and web hosting.
We also got them setup with NAT, DHCP, and a firewall. None of which they had previously!
They are very excited to see it up and running so quickly. We're going to train them with what they need to know and they've got other training in their future budget plan.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
The following is the result of research into various OS and office suites. THIS IS NOT MY OPINION! It's the opinion of a commitee I work with. I deleted the agencies name to protect my ass. This is what we deal with if we want to try and convert the Gov to an OSS solution.
.NET Server. We can anticipate similar desupport notices and issues for Windows NT Server in the next six months to one year.
.NET Server as the Network Operating System
/Hardware exceptions run a high risk of failing in this environment, particularly DOS based products.
Technical Evaluation of Alternatives for Upgrading and Migrating the 's Desktop Operating System and Office Suite and Network Server Operating System
The Issues: Since the deployment of Windows NT approximately 6 years ago and Office 97 approximately 3 years ago, Microsoft has released two new versions of the desktop operating system and the office suite. It is anticipated that Microsoft will terminate support for our existing environment in the near future. It has also been announced that our desktop hardware vendor will discontinue support for Windows NT on laptops beginning in June of 2002 and for desktops most likely by June of 2002. It is expected that other vendors will follow suit, after Microsoft makes its announcement. Vendor support of our tools is an important part of being able to maintain our environment in its best form. It allows us to resolve issues more quickly, and when there isn't a ready solution, it is a means by which we can get the vendor to assist us in resolving our issues.
We face a similar issue for the current version of our network operating system, which is Windows NT Server. There currently is one newer version of this operating system on the market, which is called Windows 2000 Server and technically there are three flavors of this product. Microsoft has announced that it is currently beta testing another version called Windows
In addition to the normal cycle of product upgrades and desupport notices, we will be faced with making licensing choices in how we choose to license Microsoft products in the future. The focus of this paper is on the technical aspects of these announcements and their impacts. Issues of licensing and funding are items, which are to be explored by , however this team is acutely aware of the current fiscal situation facing this agency and has made recommendations with this situation in mind.
The Scope of This Document: The purpose of this document is to outline the technical criteria on which decisions for migration to a new version of the desktop operating system, desktop office suite, and network operating system can be made. In addition, this document will provide a recommendation on what BEITA believes is/are the best alternative(s) for migration.
The options, which are specifically focused on in this document include:
Migration to Windows 2000 on the Desktop and Laptop
Migration to Windows XP on the Desktop and Laptop
Migration to Office 2000 on the desktop and laptop
Migration to Office XP on the desktop and laptop
Migration to another vendor's operating system on the desktop and laptop
Migration to another vendor's office suite on the desktop and laptop
Migration to Windows 2000 Server as the Network Operating System
Migration to Windows
Migration to another vendor's Network Operating System
Migration of all or part of our environment to Thin Client environment
Do Nothing
Factors, which must be weighed in making a determination include:
The Business needs of the agency
The cost to develop effective training for staff
The cost in time to actually train both technical staff and users
The cost to replace desktops/laptops/servers that will not function under new product releases
The cost in staff time to perform the physical migration
The cost effectiveness of rebuilding a device versus upgrading the device
The cost to migrate other related software to supported versions
The cost to migrate applications to the new environment
The cost to rebuild applications or purchase new software where existing cannot be migrated
Availability of support for each of the environments impacted by the proposed change
The cost to migrate information
The impacts of phased migrations
Risks of undertaking such a project
Benefits of undertaking such a project
Features gained
Features lost
The risks and cost of failing to act
Time
While all of these factors could not be assessed in the time given to complete this document, the information is an honest assessment of the factors that could be measured at this time.
Evaluating the Options:
Migration to Windows 2000 on the Desktop and Laptop
Windows 2000 is a desktop operating system. We would be replacing the existing Windows NT desktop operating system with this product.
50 - 55% of existing desktops are not capable of running Windows 2000.
Our hardware vendor (Dell) will not guarantee availability of devices able to run Windows NT beyond June 2002.
Industry indicates more cost effective to replace devices than to upgrade existing
standard software should run in this environment, some upgrades and testing should be conducted
Some applications may require modifications
Software/Hardware exceptions run a high risk of failing in this environment, particularly DOS based products.
Exception process warns of possibility and that BEITA is not obligated to make them work.
Training will be required for both technical staff and users.
Images for the new desktop OS would need to be created.
Development and testing for optimal configurations is a requirement.
Windows 2000 has been superseded by the new release of the desktop operating system called Windows XP.
More granular administration would allow for granting of some administrative functions to ITC's. This would require a project to develop a standard list of functions all ITC's would support.
Gartner is projecting support for Windows 2000 on the desktop into 2004. This is not a guarantee as Microsoft can change its support structure at will.
Windows 2000 has been shown to be a more stable operating system than Windows NT.
Windows 2000 will allow us to continue to run the existing office suite.
Windows 2000 provides for improved power management and plug-n-play features for laptop devices. This would allow us to reduce the number images to be supported.
Windows CE 3.5 requires Windows 2000/XP in order to function correctly. Implementation would reduce costs to customers using Windows CE PDAs.
Windows 2000 eliminates 7.8 Gigabyte partition limitation on hard disks which has caused difficulties and additional work related to SMS pushes.
Windows 2000 provides for self healing applications in conjunction with Office 2000.
Migration to Windows XP on the Desktop and Laptop
Windows XP is Microsoft's most current desktop operating system. We would be replacing the existing Windows NT desktop operating system with this product.
50 - 55% of existing desktops are not capable of running Windows 2000.
Our hardware vendor (Dell) will not guarantee availability of devices able to run Windows NT beyond June 2002.
Industry indicates more cost effective to replace devices than to upgrade existing.
Software
Exception process warns of possibility and that BEITA is not obligated to make it work.
Training will be required for both technical staff and users.
Images for the new desktop OS would need to be created.
Development and testing for optimal configurations is a requirement.
Windows XP is the most current version of Microsoft's desktop operating system. By going directly to it, we reduce costs by avoiding an extra migration.
More granular administration would allow for granting of some administrative functions to ITC's. This would require a project to develop a standard list of functions all ITC's would support.
Gartner currently is projecting support for Windows XP beyond 2004. This is not a guarantee as Microsoft can change its support structure at will.
Windows XP has been shown to be a more stable operating system than Windows NT.
It is uncertain if Windows XP will allow us to continue to run the existing desktop office suite. There are reports of successes and failures on Microsoft Technet.
Windows XP provides for improved power management and plug-n-play features for laptop devices. This would allow the to reduce the number of desktop images that must be maintained.
Windows CE 3.5 requires Windows 2000/XP in order to function correctly. Implementation would reduce costs to customers using Windows CE PDA's.
Windows XP eliminates the 7.8 Gigabyte partition limitation on hard disks which has caused difficulties and additional work related to SMS pushes.
Windows XP provides for self healing applications in conjuntion with Office 2000/XP.
As a brand new release, we would want to wait a period of time for patches before deploying across the agency.
Giga, Gartner and other industry analysts highly recommend the Windows XP product.
According to Giga, Gartner and others Windows XP will lower the cost of supporting the desktop.
Windows XP supports the concept of mobile profiles, making it easier for a user to move from device to device.
Windows XP allows switching of users, even if another user is currently logged on.
Vendors may begin to require this product as the lowest common denominator.
While other vendors have indicated that they intend to support Windows XP, some testing of software and applications will be required, and some additional software upgrades may be required.
We will need to explore security issues with this product.
We will need to examine how product activation impacts development of images. Product Activation is a means of preventing software piracy.
We will need to explore the auto update feature of this product.
Migration to Office 2000 on the Desktop and Laptop
Office 2000 is a desktop office suite comprised of Microsoft Word, Excel and Access. We would be replacing the existing Office 97 office suite with this product.
50 - 55% of existing desktops are not capable of running Office 2000.
Industry indicates more cost effective to replace devices than to upgrade existing.
Most existing software will function with Office 2000. There are some exceptions.
At least one application developed (SWAMP) will need modifications related to the implementation of this product.
Existing Microsoft Access applications may have difficulty migrating due to a new file structure in this version of the product.
Training will need to be provided to both Technical staff and users, to ensure quality installation and the ability to take advantage of new features.
Time will need to be allocated to ensure proper functioning of existing applications.
Time will need to be allocated for development of optimal configuration of product and images.
This version of the product has been superseded by the release of Office XP.
Implementation of this version will result in an extra migration needing to be completed.
There are no current projections for how long this version of the product will be supported.
This product should be reviewed and compared to agency business needs to see if there is value to the agency in adding them.
Basic functionality remains essentially the same and should minimize training in these areas.
Office 2000 allows for output in both HTML and XML formats, as well as traditional formats.
Office 2000 supports the concept of self healing applications.
Migration to Office XP on the Desktop and Laptop
Office XP is a desktop office suite comprised of Microsoft Word, Excel and Access. We would be replacing the existing Office 97 office suite with this product.
50 - 55% of existing desktops are not capable of running Office XP.
Industry indicates more cost effective to replace devices than to upgrade existing.
Most existing software will function with Office XP. There are some exceptions.
At least one application developed (SWAMP) will need modifications related to the implementation of this product and others that integrate with the office suite should be checked.
Existing Microsoft Access applications may have difficulty migrating due to a new file structure in this version of the product.
Training will need to be provided to both Technical staff and users, to ensure quality installation and the ability to take advantage of new features.
Time will need to be allocated to ensure proper functioning of existing applications.
Time will need to be allocated for development of optimal configuration of product and images.
Implementation of this version avoids an extra migration step.
There are no current projections for how long this version of the product will be supported.
This product should be reviewed and compared to agency business needs to see if there is value to the agency in adding them.
Basic functionality remains essentially the same and should minimize training in these areas.
Office XP allows for output in both HTML and XML formats, as well as traditional formats.
Office XP supports the concept of self healing applications.
Office XP provides more extensive collaboration tools.
Office XP provides for strong programmable capabilities that we would need to examine and develop standards for.
Beginning with this version of the product, we will incur annual licensing fees.
We will need to examine how product activation impacts development of images. Product Activation is a means of preventing software piracy.
We will need to explore security issues with this product.
As a brand new release, we would want to wait a period of time for patches before deploying across the agency.
Migration to an Alternate Operating System on the Desktop and Laptop
With the advent of open source software development, have come a number of seemingly low cost alternatives to the Microsoft products which are currently prevalent in Wisconsin State Government. Probably the most well know of these is Linux in its various flavors. Linux is a desktop operating system. There are a number of vendors who produce Linux versions because of the rules related to Open Source software development.
Open source software tends to have fairly low initial software costs.
Product support for our standard software and hardware is uneven. Some vendors support some flavors, others another.
Need to closely examine how viable the vendor of this operating system is.
ESRI does not develop products for Linux and to date will not commit to doing so.
Oracle provides some support for Linux, but it is unclear how well.
A number of applications developed at the will not function in this environment, which would mean redesign and redevelopment in a tool that would function.
We would be forced to migrate to a whole new Office Suite, if we were to adopt this operating system.
We may need to redesign things like letter head and forms to run in a product on this perating system.
We would need to create whole new training programs for staff and require them to take this training, in order for them to attain proficiency in the new operating system.
We would need to allocate time for technical staff to become proficient in managing this operating system.
We would need to take time to determine optimal configurations and develop images for this environment.
We would need to find a replacement for Site Server and a number of our web development tools, which are Microsoft centric at this time.
It is almost a guarantee that most of the Software Exception requests will not function in this environment and most certainly not the DOS applications.
Cost estimates for conversion work, training, deployment and lost hours would most likely be in the Millions of dollars. We would need to balance this against the savings in licensing fees and the long term viability of the vendor.
Migration to an Alternate Office Suite on the Desktop and Laptop
Today there are a number of alternatives to the Microsoft products which are currently prevalent in Wisconsin State Government. In the realm of alternate office suites, we have more choices in general terms, many of them even capable of running in a Microsoft Operating System.
Open source software tends to have fairly low initial software costs.
Need to closely examine how viable the software and the vendor of the product are. For example: Sun produces Star Office. Sun is a very viable company in and of itself, however they earn no revenue on Star Office. If push comes to shove, this most likely would be one of the first things they drop.
A number of our applications are integrated with the Microsoft Office Suite. Moving to Star Office or Word Perfect would require us to redevelop those portions of our applications integrated with the Office Suite.
It is unknown at this time, what support there may be for integrating alternate Office Suites with our existing tools, such as Oracle, PowerBuilder and Visual Interdev.
We would need to examine conversion of existing documents, forms, spread sheets and single user databases from the Microsoft Office Suite to the new Office Suite.
We would need to create whole new training programs for staff and require them to take this training, in order for them to attain proficiency in the new office suite.
We would need to allocate time for technical staff to become proficient in managing this office suite.
We would need to take time to determine optimal configurations and develop images for this environment.
We would need to examine the impacts of making such a decision on our business partners. While selecting WordPerfect would simplify communicating with EPA, selecting Star Office could potentially alienate us from every business partner in terms of our ability to share documents.
Making this change to our desktop office suite will cost large sums of money in converting existing documents and applications, training, and set up. It will require an extended period of time to accomplish. We would need to balance these costs against any potential savings in licensing fees and the long term viability of the vendor.
Migration to Windows 2000 Server as the Network Operating System
Windows 2000 Server is the most current "production" operating system produced by Microsoft. If implemented, it would replace Windows NT Server within the .
Windows 2000 Server is a substantially more stable product than Windows NT Server.
Windows 2000 Server provides all the functionality of Windows NT Server and expands upon it.
Microsoft has announced a new Network Operating System release is currently in beta testing. No release date has been announced.
Moving to Windows 2000 Server will require implementation of Active Directory.
The Enterprise desires to role out Active Directory in a uniform manner throughout state government. This project is not currently funded.
Several agencies are proceeding with implementation of Active Directory in advance of the Enterprise.
Servers should be migrated to Windows 2000 before the desktop Operating System is upgraded to avoid additional stops/modifications to the desktop at a later date.
Four technical staff are already trained in Windows 2000 Server.
Existing servers should only require minimal upgrades in the area of memory in order to be migrated to Windows 2000 Server.
This product allows for improved file and print services as compared to Windows NT.
Our existing (Domain Name Services) translates directly to Windows 2000 Server. In addition, Windows 2000 Server provides more robust support for DNS and DHCP while are integral parts of the 's existing network.
This product continues to support Outlook Web Access and improves the interface for this tool.
This product continues to support both IIS and Site Server which are part of our Internet and Intranet environments.
We know that our side Oracle and ESRI tools will operate within this environment.
Migration to Another Vendor's Network Operating System
There are several other Network Operating Systems that could be chosen, including various Unix and Linux flavors. Each of them carries their own licensing requirements and each would need to be examined against our other existing Network Services for viability. Following is a brief over view.
Migration of All or Part of Our Environment to Thin Client Services
A thin client environment is focused on maintaining less software and data at the client. This reduces the investment required in desktop software. Obviously, we would need to compensate on the server side.
Do Nothing
Chosing to do nothing at this time appears to save the agency money, and it potentially does in the short term. Eventually, due to software or hardware failure we would be forced into doing something. The following points help to evaluate the concerns of doing nothing.
The Hidden Costs of Phased Migrations
Recommendation:
We believe that the first step in migrating our existing Server and Desktop Operating System and Desktop Office Suite is to focus on the environment that we felt most needed to have vendor support available on a continuing basis. As our Network Servers provide connectivity, email and data services to the agency, we felt that they must receive first priority in any upgrade scenario. As such we recommend that first priority be given to migrate all Windows NT Servers to Windows 2000. This will require implementation of Active Directory as well. Most of these servers only need the Windows 2000 server version, although a few would need to be set up for Windows 2000 Advanced Server because of the number of processors they contain. As part of this we are recommending that we select Upgrade Advantage for these servers.
We also recommend that this agency pursue the development of a new PBB for purchase of several devices with Windows XP, set up and testing of applications and standard software in the new Operating System and with the proposed office suite. We believe that it is important that this testing be undertaken yet this fiscal year, if at all possible. This information will serve us well in determining what actual work would need to be completed in order to migrate to this operating system. The information gathered will be valuable in further assessing how we will deal with the impending lack of support for Windows NT on newly purchased desktop and laptop devices. We do not believe there is any gain to implementing Windows 2000, and experts including Giga and Gartner both recommend bypassing 2000 if you have not already begun implementation on the desktop.
Our third recommendation is that a mandatory PBB be created and executed in the new Fiscal Year to Research Windows Terminal Servers, and in particular Citrix. Along with assessing the technical viability of the product within the , this project will develop a detailed cost benefit analysis of Citrix and Windows Terminal Server. The project would need to test existing applications and software. It has been suggested that we may want to require software exceptions be run from a Citrix server as well, to minimize costs to the desktop. It would also have to look at the makeup of staff and their requirements for a desktop. While Citrix would require investment in servers and disk space, we could reduce costs for the desktop in terms of needing less powerful machines and lengthening the life of a device.
Our fourth recommendation is to place a moratorium on purchase of new devices, once our vendor (Dell) can no longer provide devices capable of running NT, until such time as we have completed the work in our second recommendation. We would encourage those who have a need to replace defective equipment look to the devices being surplused by other programs as a means of maintaining basic functionality until such time as the evaluation of the second recommendation and possibly the third recommendation.
--- Think of it as evolution in action ---