We're going through this same conversation at my employer (a higher-ed liberal arts university). This article came up yesterday in my team, and we had a bit of a discussion about it. Here's the email I sent out to the group about the article and Yale's decision. Hopefully this will help to clear up some of the misinformation in the article.
> Several members of the committee thought ITS had made the decision > to move to Gmail too quickly and without University approval, Fischer > said.
Well yah, of course that's going to be a problem.
> Google stores every piece of data in three centers randomly chosen > from the many it operates worldwide in order to guard the company’s > ability to recover lost information — but that also makes the data > subject to the vagaries of foreign laws and governments"
Several other schools have fought this fight with Google and have gotten them to agree that all of their data will stay in the country.
> Under the proposed switch, Yale might lose control over its data
No, No, No. Google makes it very clear to its customers that the data is always "owned" by the customer.
> or could seem to endorse Google corporate policy and the large > carbon footprint left by the company’s massive data centers
For many years, Google has been a pioneer in building efficient, green datacenters. I guarantee you that proportionally-speaking, Yale's segment of Google's network has a *much* smaller carbon footprint than Yale's self-hosted system.
I'll agree - Drupal does have a steep learning curve. With regards to theming/styling, though, it's no different than any other CMS. Designers will have to fight cross-browser css compatibility issues with whatever CMS or template engine they're using.
This is a hard problem to solve unless you have a SAN that you can use for the VM disk images. If you do have a SAN (which I'm assuming you don't, otherwise you'd already know this), you can just take a snapshot of the volume and then spool it off to tape.
I'm a big fan of AWStats. It primarily gets its stats from parsing your access_log, but it also includes a javascript portion you can elect to use if you're interested in collecting more detailed information about your visitors (screen resolution, flash versions, etc.).
One caveat, though, if you choose to implement AWStats is that you should keep it in an access-restricted area of your webserver. There have are some pretty nasty vulnerabilities in AWStats. As long as you keep it secured, you should be fine, though.
The knoppix tracker would also seem like a good choice. There's usually a fair amount of seeders, and you'd get the benefit of exposing them to a very high-quality linux live cd at the same time.
I'm going to reply to myself here to try and dispell some of the misinformation that people are posting about the Cisco 3000 series VPN solutions. Several people have mentioned that the vpn restricts access to local networks, that it resets the DNS settings and changes the default gateway. Yes - it *can* do that, but it has to be specifically configured to do so. In our setup, we allow full access to both the local and remote networks simultaneously. After administering our VPN box for two years, I am still amazed by the sheer configurability of the thing. Yes, it'll take some hard work to get it set up right, especially if you're not familiar with routing and VPN technologies. In the end, though, you'll have a rock-solid, fast, reliable VPN solution.
They only restrict access to local network if they're *configured* to do so. In our setup, we allow clients' simultaneous access to both their local networks and the remote network.
At work (~90 employees...I guess that would qualify as medium-sized??) we use a Cisco VPN 3000 Concentrator. It's been rock-solid for us for two years now, and I'd highly recommend it. If you want to go the VPN-client route, cisco has official clients for Mac, Windows and Linux, but the box is also compatible with the PPTP vpn clients that come with most modern operating systems and it's also fully IPsec compatible. So...for example, if you wanted to, you could set up a linux gateway at home that would connect to your work VPN and establish a LANLAN VPN link.
If this proves to be too expensive, you ought to look ag OpenVPN. It's quite stable at this point, and they have clients for Windows, Mac and Linux as well. You'll have to have some amount of knowledge of linux networking/firewalling to get it set up right, but there's plenty of documentation out there to guide you.
From the "What is Trac" page:
* An integrated system for managing software projects
* An enhanced wiki
* A flexible web-based issue tracker
* An interface to the Subversion revision control system
Seems like that would work well for your purposes. I'm not sure if it does syntax highlighting, but it wouldn't be too hard to add that functionality.
I'll throw out my recommendation for m0n0wall. It's a livecd-based firewall package which is based on FreeBSD. Boot off of the CD, and config is held on a floppy, flash drive, etc. It has all the benefits of the FreeBSD network stack w/ the addition of a very robust web administration page. It's a snap to set up, and given decent hardware (fairly recent PC, Intel NICs, half-gig of RAM, etc), it'll outperform Symantec's offerring by several orders of magnitude, both in terms of feature set and network throughput.
All joking aside - my understanding of html/css has shot up through the roof since I ditched Dreamweaver and started coding by hand. Code cleanliness has also improved greatly, as you'd expect. If you've never tried, give yourself a week with a text editor and a good html/css book. It's quite freeing to not have to worry about anything other than the code. No application updates, no program idiosyncracies to deal with, etc.
I'd highly recommend you check out m0n0wall. It's a BSD-based router distro. M0n0 comes in several forms, a hard drive image, a compact flash image, and a bootable cd. I use the bootable cd. The entire thing runs from a RAM disk, storing configuration on a floppy disk. All administration is done from a very robust and feature-complete web interface. You can make m0n0 as simple or complex as you wish - it includes traffic shaping, wireless support, PPTP & IPsec VPN support, multiple interfaces, a captive proxy, etc.
The captive proxy support would be especially useful for you - from the web interface, you can remotely add/delete/change the usernames and passwords for the captive proxy.
Yes - there are other captive proxy projects out there (NoCatAuth etc.). I evaluated several of them, but ended up sticking with m0n0wall due to the ease of implementation and the foolproof architecture it has.
The RAID array will drastically improve disk performance. Plus, you'll never have to worry about backup/recovery again.
While I agree wholeheartedly with your RAID recommendation, I'd have to disagree with your comment about not having to worry about backup/recovery.
Even with a RAID setup, all it takes is a fried RAID controller card to corrupt the data on the RAID members, and then you can say goodbye to your data. So yes, RAID does shield you from individual hard drive corruption, you still need to have an alternate form of offline backup due to the fore-stated reasons.
And still no thunderbird indexing ? I'm not sure what you're doing, but GDS has been indexing my Thunderbird IMAP caches since the last release. Do you have email searching enabled in the GDS preferences?
Are you kidding? Outlook does a poor job on the PC
Are you kidding? Sure, it seems like Outlook-bashing is a fun thing to do, but lets be honest here. Perhaps the *only* reason outlook/exchange is entrenched in corporate IT is because of their superior calendaring.
...and neither of them are web based.
Have you heard of Outlook Web Access? Sure, you need IE to get the most out of it, but barring that requirement, it's the single best web calendar I've seen to date.
I seem to have to make 1-2 corrections per sentence, sometimes less.
Houston, we have a problem. 1-2 corrections per sentance isn't a big deal if you're typing an email. But extrapolate that over a 10-page paper, and you're talking 800-1000 corrections. That's a drag. Whenever I've used voice recognition software in the past, I've found that the overhead induced by having to make corrections completely eliminates the time savings over typing.
Slashdot Mirror
We're going through this same conversation at my employer (a higher-ed liberal arts university). This article came up yesterday in my team, and we had a bit of a discussion about it. Here's the email I sent out to the group about the article and Yale's decision. Hopefully this will help to clear up some of the misinformation in the article.
...but really, who knows if they're working.
is there a way to evaluate antivirus software?
Eicar (antivirus test file): http://www.eicar.org/anti_virus_test_file.htm
http://www.whitehouse.gov/
http://www.theonion.com/
http://www.fastcompany.com/
http://www.wfp.org/
ORLY?
*cough*
I'll agree - Drupal does have a steep learning curve. With regards to theming/styling, though, it's no different than any other CMS. Designers will have to fight cross-browser css compatibility issues with whatever CMS or template engine they're using.
This is a hard problem to solve unless you have a SAN that you can use for the VM disk images. If you do have a SAN (which I'm assuming you don't, otherwise you'd already know this), you can just take a snapshot of the volume and then spool it off to tape.
I'm a big fan of AWStats. It primarily gets its stats from parsing your access_log, but it also includes a javascript portion you can elect to use if you're interested in collecting more detailed information about your visitors (screen resolution, flash versions, etc.).
One caveat, though, if you choose to implement AWStats is that you should keep it in an access-restricted area of your webserver. There have are some pretty nasty vulnerabilities in AWStats. As long as you keep it secured, you should be fine, though.
The knoppix tracker would also seem like a good choice. There's usually a fair amount of seeders, and you'd get the benefit of exposing them to a very high-quality linux live cd at the same time.
I'm going to reply to myself here to try and dispell some of the misinformation that people are posting about the Cisco 3000 series VPN solutions. Several people have mentioned that the vpn restricts access to local networks, that it resets the DNS settings and changes the default gateway. Yes - it *can* do that, but it has to be specifically configured to do so. In our setup, we allow full access to both the local and remote networks simultaneously. After administering our VPN box for two years, I am still amazed by the sheer configurability of the thing. Yes, it'll take some hard work to get it set up right, especially if you're not familiar with routing and VPN technologies. In the end, though, you'll have a rock-solid, fast, reliable VPN solution.
Ditto - this is called "split tunnelling". We actually found it quite easy to get set up.
They only restrict access to local network if they're *configured* to do so. In our setup, we allow clients' simultaneous access to both their local networks and the remote network.
At work (~90 employees...I guess that would qualify as medium-sized??) we use a Cisco VPN 3000 Concentrator. It's been rock-solid for us for two years now, and I'd highly recommend it. If you want to go the VPN-client route, cisco has official clients for Mac, Windows and Linux, but the box is also compatible with the PPTP vpn clients that come with most modern operating systems and it's also fully IPsec compatible. So...for example, if you wanted to, you could set up a linux gateway at home that would connect to your work VPN and establish a LANLAN VPN link.
If this proves to be too expensive, you ought to look ag OpenVPN. It's quite stable at this point, and they have clients for Windows, Mac and Linux as well. You'll have to have some amount of knowledge of linux networking/firewalling to get it set up right, but there's plenty of documentation out there to guide you.
http://www.edgewall.com/trac/
From the "What is Trac" page:
* An integrated system for managing software projects
* An enhanced wiki
* A flexible web-based issue tracker
* An interface to the Subversion revision control system
Seems like that would work well for your purposes. I'm not sure if it does syntax highlighting, but it wouldn't be too hard to add that functionality.
I'll throw out my recommendation for m0n0wall. It's a livecd-based firewall package which is based on FreeBSD. Boot off of the CD, and config is held on a floppy, flash drive, etc. It has all the benefits of the FreeBSD network stack w/ the addition of a very robust web administration page. It's a snap to set up, and given decent hardware (fairly recent PC, Intel NICs, half-gig of RAM, etc), it'll outperform Symantec's offerring by several orders of magnitude, both in terms of feature set and network throughput.
I love the ability to put text and graphics wherever I want
;-)
Hrm - sounds like vim would be the ticket.
All joking aside - my understanding of html/css has shot up through the roof since I ditched Dreamweaver and started coding by hand. Code cleanliness has also improved greatly, as you'd expect. If you've never tried, give yourself a week with a text editor and a good html/css book. It's quite freeing to not have to worry about anything other than the code. No application updates, no program idiosyncracies to deal with, etc.
I'd highly recommend you check out m0n0wall. It's a BSD-based router distro. M0n0 comes in several forms, a hard drive image, a compact flash image, and a bootable cd. I use the bootable cd. The entire thing runs from a RAM disk, storing configuration on a floppy disk. All administration is done from a very robust and feature-complete web interface. You can make m0n0 as simple or complex as you wish - it includes traffic shaping, wireless support, PPTP & IPsec VPN support, multiple interfaces, a captive proxy, etc.
The captive proxy support would be especially useful for you - from the web interface, you can remotely add/delete/change the usernames and passwords for the captive proxy.
Yes - there are other captive proxy projects out there (NoCatAuth etc.). I evaluated several of them, but ended up sticking with m0n0wall due to the ease of implementation and the foolproof architecture it has.
The RAID array will drastically improve disk performance. Plus, you'll never have to worry about backup/recovery again.
While I agree wholeheartedly with your RAID recommendation, I'd have to disagree with your comment about not having to worry about backup/recovery.
Even with a RAID setup, all it takes is a fried RAID controller card to corrupt the data on the RAID members, and then you can say goodbye to your data. So yes, RAID does shield you from individual hard drive corruption, you still need to have an alternate form of offline backup due to the fore-stated reasons.
And still no thunderbird indexing ?
I'm not sure what you're doing, but GDS has been indexing my Thunderbird IMAP caches since the last release. Do you have email searching enabled in the GDS preferences?
If you notice the copyright on the bottom of the page, this is run by AOL, so they're pulling the data directly from the main AIM db.
Nah - I prefer links2. ;-)
I think worrying about hackers is a little silly.
:-)
Famous last words.
Yeah! I'd agree. I've been making my own brew for a few years now, and it's an incredibly rewarding hobby.
See my brew log.
Are you kidding? Outlook does a poor job on the PC
...and neither of them are web based.
Are you kidding? Sure, it seems like Outlook-bashing is a fun thing to do, but lets be honest here. Perhaps the *only* reason outlook/exchange is entrenched in corporate IT is because of their superior calendaring.
Have you heard of Outlook Web Access? Sure, you need IE to get the most out of it, but barring that requirement, it's the single best web calendar I've seen to date.
You need to look into Access Control Lists. That will allow you do have much finer-grained file access controls.
We don't run Unix. We don't run Linux. We don't run Oracle. We're 100 percent Windows, SQL Server.
That makes for a great testing environment for Windows Services for UNIX, huh?
I seem to have to make 1-2 corrections per sentence, sometimes less.
Houston, we have a problem. 1-2 corrections per sentance isn't a big deal if you're typing an email. But extrapolate that over a 10-page paper, and you're talking 800-1000 corrections. That's a drag. Whenever I've used voice recognition software in the past, I've found that the overhead induced by having to make corrections completely eliminates the time savings over typing.
the U.S. has become a techno-militaristic fascist state, and no longer represents to me, a member of the so-called "free world"
/me ducks.
Oh please. Your hyperbole is a bit much, don't you think? If it weren't for us, you'd probably be speaking German.