If they can't solve your problem, tell them you want a credit for the call and they'll credit it back. I've called them about 5 times so far this year, and 4 out of 5 were legitimate MS issues - and I got a credit for each one.
You could also probably push for a free upgrade/license - but I've never tried that.
I'm mainly mentioning this because if you still have the SRX, you can still call them back and get a credit. That doesn't help your wasted time - but man....get your money back if they didn't solve your problem.
With the cost of VMWare it almost seems like it would just be cheaper and more cost effect for a HOME solution to dual boot - although I can see it making sense for businesses.
I was going to post this if someone else didn't. People don't really want a solution though - they just want to complain that it must be a Windows only vulnerability;)
Besides Deep Freeze - you can also use virutal machines of various flavors. We actually have 20+ servers running on VM, and you have similar functionality.
I think that the main thinking behind this though is that nobody really wants to make anything 'inconvenient' to 'the end user'. I think THAT is really the #1 security flaw in any security plan - making things easy for the user.:)
Please also clarify what SIZE of business you mean.
For a small business with one server and a few desktops, vs a medium business with 10-20 servers and maybe a couple hundred desktops, vs businesses with hundreds of servers and thousands of desktops. The businesses at that top tier do not pay the same costs as those at the bottom tier.
In other words, I think it is a good question but I think any TCO analysis that says 'cost is lower' and doesn't quantify lower for what type of business is going to be flawed.
Luckily I only have to mess with the working of the server itself. All the licensing issue is handled by purchasing/legal. I can only imagine your pain though. You deserve a drink;)
The remote firmware stuff doesn't work all that great in Windows either, but the Dell stuff is starting to come along. You can now detect everything you need and update it remotely. I know that you can do this with SMS and Altiris - so I'm sure they also support it for Linux (Dell seems pretty good about that).
Since I haven't managed Unix boxes in several years - the answer would be 'no' on reading current man pages, autodoc tools, etc. That is one reason I was asking for the current technology in doing these things. You don't learn much without asking questions. Sometimes you have to look stupid to do it, but there is always a point where you start out knowing nothing and move up.
Actually the graphical tools with Windows scale well. We manage 35,000 Windows machines with these tools you say don't scale - so I think that is a little bit of misinformation the other way.
I agree that Unix/Linux requires less iron and less ADMINISTRATIVE management (licenses). I'm still trying to find the answer of where the network management is less. Hardware still fails, software (that isn't linked to an OS problem) still fails. Our actual crashes due to Windows are almost zero on 300+ Windows 2000/2003 servers.
Windows does support remote configuration/automation, LDAP directory management, and software/hardware inventory management very easily actually. We do all of that here.
A lot of our job is keeping applications and OS up to date, providing authentication, and providing files. Providing files is easy on any OS. Keeping OS up to date seems easy with both - we use YUM on SuSE and SMS on windows. Updating applications that are listed in YUM vs applications that already have an MSI or SMS import package is again about even. Providing authentication against a database seems about even with AD/NDS (we use both). We have 2 people on our Windows environment that support all of this, and it is only 2 because we need vacations and to switch off being on call.
Malware I think Linux wins hands down, but with McAfee Enterprise and some stuff at the firewall level - we have very little problem here. I would prefer not having malware to having it automatically blocked/removed - but it still doesn't cost me any more management.
Viruses I feel the same as Malware. Linux is better, but it isn't really costing me more than about 1/2 hour a week to deal with any of these issues.
I always ask this question because in our mixed environment I haven't seen any real stability issues with our Windows (or Unix) environments. I haven't seen either one being easier/harder to manage (although I do almost exclusively the Windows part).
The only real differences I see are price and philosophy. I prefer Linux on both of those - as do a lot of us here. The reason we are on Windows is because somewhere in the neighborhood of 150+ of our 400+ supported applications for our 140,000 users only run on Windows. If it was as simple as file sharing and a version of Office we'd be happy to switch, but it's never that simple.
I would be curious to know what tools you use to do this in Linux/Unix. We manage all the stuff you're talking about with 2 people for over 300 servers and thousands of desktops.
This isn't a 'troll' but I'm really curious of direct comparisons for tools like Active Directory, SMS, MOM, McAfee Enterprise, etc. I know Tivoli/Altiris do things like this - but I don't see that cost as being lower. If you're writing scripts - I don't see how that is going to be cheaper or easier to manage - especially for things like patching, adding/removing applications, and managing firmware on servers.
Also if someone new comes into the company how are these scripts supported without reading every single one?
One of the main reasons I ask is because if I ever tell my company 'we can do this' - specifics like that would be more useful rather than 'I heard you can script that with Unix'.
Well, that actually isn't why a lot of people use DFS. We have sites over 38 remote sites, and we want them all to have access to the same documents / software / etc. We use DFS so that we can tell people 'go to your * drive' and find this document (usually stuff that doesn't change a lot). DFS allows us to use sites and services to point them to the closest domain controller with copies of that information. This means we save a TON of bandwidth by not having users all come back to the home office to get their documents.
Of course, you can do the same thing in *nix using some other stuff, but it isn't just about storage.
For Windows something called 'ERD Commander' is also very good. Also better than the Windows recovery console, allows you to change Windows passwords, etc.
Basically like running Windows in safe mode, even if it can't boot from the hard drive. I would (and do) find this a lot more useful on a Windows server than Knoppix, because it gives me access to parts of the Windows subsystems that Knoppix wouldn't.
If your main factor is cost and you don't care about redundancy, performance, support, scalability, or space - a desktop is a great choice.
If you care about any of the above, you want a server. You just have to figure out what an apples to apples comparison is. Take all your servers / desktops configured as you would need - and get some quotes for them. If the price is drastically different, that would be one thing. If you are talking a small difference - go with the servers.
Also, most servers also have Xeons, which most desktops won't have.
If I go and show someone my version of XP at home - it runs fast and hasn't crashed in two years (believe it or not). If I show them Linux on my other computer - it also runs fast and hasn't crashed.
Know what most people notice if I show them both?
XP has prettier colors. I kid you not. I never know quite what to say to that. It does sort of illustrate though that better technology is NOT going to mean Linux is deployed everywhere. You have to understand that the typical non-geek does not think like we do. You and I will be in awe about some new technological marvel. A user will be in awe by moving icons and brighter colors.
Not to say that all users are like that, but I'm always surprised by how many people on here think that technology will make Linux 'win' more home market share.
This is the same group of people that voted for President in 2000 - and when CNN interviewed a group of undecided voters, several of them said they were voting for Bush because they liked his tie.
So my proposal? Linux needs brighter colors. That will give it market share, and could eventually lead to Tux being elected President.
I agree with your thoughts on the user level, but not really at the server or infrastructure level. Tools like MOM, SMS, and multiple non-MS tools all were written for the purpose of proactive and reactive error response. We run several hundred Windows servers and about half as many boxes with different flavors of unix on them at HQ alone.
We have several groups that administer these boxes. As far as I know, our group (infrastructure) hasn't lost a server to an OS issue in about 2 years. One of the other core groups running on AIX, running a large critical database, has a similar uptime for the OS. Application stability on both systems has been equal.
Our developers administer some applications on SCO boxes and Windows servers - and these boxes, administered by people who see it as a 'backup' job, have much higher downtimes due to OS issues (but they are also non-critical systems that can have downtime).
Having over 35,000 machines on our network, and almost every major OS - I think an in-depth knowledge of what you are working with directly equates to a stable system. I've seen a direct relation in the six years I've worked here.
Although I agree that the design of Linux/Unix is inherently more stable (modular design), I don't think that administering 35,000 + machines would be 'easier' on one of those systems. It is all about balance. Ease of use really adds up when you are trying to roll out an application simultaneously to 10,000 machines in 32 locations.
I've always wanted to do an 'ask slashdot' about what sort of systems and management tools people would use for those sorts of systems (Linux I mean), but I've also realized it would only end up in a flameware instead of a real discussion about equal toolsets.
I guess in essence what I'm saying is that my experience is totally opposite from yours - but I believe it is because I don't have the 12 years of experience on Linux like I do on Windows systems. I would like to get there, but you don't get hired without experience and you don't get experience without getting hired - so I'll probably end up working with Windows in the near future.
By the way, if you do Linux administration and know of tools that equal what I'm talking about above - I would be happy to know about them.
I get the electoral college just fine. I was just explaining that winning the 'popular vote' has nothing to do with a majority.
The 2-1 comment was mainly a joke about how our voting trends show we are one of the most apathetic countries in the world when it comes to voting. Mainly I think this is because our system sucks. Runoff voting or several other options would probably increase voter turnout a lot.
As for the electoral college, in most cases the winner of the popular vote would almost always win in the electoral college if you had representatives based on % vote per state instead of most states having the winner get the whole block.
Sort of a moot point right now, as I don't see the parties in power working on changing a system that works so well for them.
When people start to complain about that - we'll outsource the press, so that we don't actually get any information on what is happening anymore.
When bloggers expose what is really going on and we lose trust in the system, we can outsource our government.
After the government is outsourced and we all become citizens of whatever country has annexed the United States, we'll all be citizens of one country again.
See...outsourcing solved in just a few easy steps.
I think this is true of this story, and a lot of the Windows horror stories you read.
A competent administrator with a system setup correctly from the start will almost always trump any OS with a bad administrator and / or bad setup. You wouldn't believe how many stories and comments I (and I'm sure others) have read on here about what people have done or had problems with on Windows machines, and asked why they didn't learn how to administer the machine in the first place. Now you're just going to see the same stories (true or not) cropping up about Linux, and have the same reaction. Welcome to the party;)
Not to say that Windows is better than Linux, or X is better than Y for any operating system - just that it seems more problems are caused by either administrators (or management) rather than the OS.
Personally I hope both Linux and Windows continue to advance. As long as we have competition, everyone wins (talk about market share all you want, but I think at this point Linux qualifies as competition).
I also look forward to the day when all the Linux administrators that say 'it cant happen on my Linux system' get to deal with the same users and managers that the rest of us have dealt with for years;)
Ooooh...I hate when my HTML files do that. That's why I only use Notepad for HTML editing. You think Word is bad with what it does to HTML though? Try Frontpage....
I agree with your statement, but I was pointing out the benefits of a personal firewall in a corporate environment. We're really talking apples and oranges.
I'm not sure if we'll use XP SP2 as a personal firewall on our internal network, but some kind of personal firewall would be a benefit. It helps to know that each individual computer has ports locked down, and that you can lock/open them from an enterprise level. It isnt the end all solution, but it is part of a solution to reduce some vectors.
You are correct about NX, but Intel also has something called XD in the Prescotts that does the same thing. Sort of a moot point for both since most of us aren't using 64 bit processors at this point.
Once the system has been compromised you are in trouble - that is true.
However personal firewalls have a -lot- of benefit at least from a business standpoint. Many firewalls, including SP2 have additional features that help protect your network. As a for instance, limiting the number of outgoing TCP connections that can be opened per second. If you've ever seen some of the viruses take out network bandwidth - this is one of many ways to help.
Basically if you look at a personal firewall as a 'solution' - it is going to fail. If you look at it as one tool of many to make up your corporate security solution, it gives you power.
As another 'for instance' here - if you have an active directory domain, and you find that a new virus is using port X that you have open for application Y - you can turn that port off from the GPO. This means that you can reconfigure the personal firewall on all the computers and clean up the issue without your network going down the tubes as it spreads itself.
Not -all- reasons for a firewall involve some sort of root/administrator hack.
Slashdot Mirror
No, you don't - but $245 back is better than 40 hours lost and no money back ;)
If they can't solve your problem, tell them you want a credit for the call and they'll credit it back. I've called them about 5 times so far this year, and 4 out of 5 were legitimate MS issues - and I got a credit for each one.
You could also probably push for a free upgrade/license - but I've never tried that.
I'm mainly mentioning this because if you still have the SRX, you can still call them back and get a credit. That doesn't help your wasted time - but man....get your money back if they didn't solve your problem.
What sort of hardware do you suggest for this?
With the cost of VMWare it almost seems like it would just be cheaper and more cost effect for a HOME solution to dual boot - although I can see it making sense for businesses.
I was going to post this if someone else didn't. People don't really want a solution though - they just want to complain that it must be a Windows only vulnerability ;)
:)
Besides Deep Freeze - you can also use virutal machines of various flavors. We actually have 20+ servers running on VM, and you have similar functionality.
I think that the main thinking behind this though is that nobody really wants to make anything 'inconvenient' to 'the end user'. I think THAT is really the #1 security flaw in any security plan - making things easy for the user.
Please also clarify what SIZE of business you mean.
For a small business with one server and a few desktops, vs a medium business with 10-20 servers and maybe a couple hundred desktops, vs businesses with hundreds of servers and thousands of desktops. The businesses at that top tier do not pay the same costs as those at the bottom tier.
In other words, I think it is a good question but I think any TCO analysis that says 'cost is lower' and doesn't quantify lower for what type of business is going to be flawed.
Luckily I only have to mess with the working of the server itself. All the licensing issue is handled by purchasing/legal. I can only imagine your pain though. You deserve a drink ;)
All very true on the tools and documentation.
The remote firmware stuff doesn't work all that great in Windows either, but the Dell stuff is starting to come along. You can now detect everything you need and update it remotely. I know that you can do this with SMS and Altiris - so I'm sure they also support it for Linux (Dell seems pretty good about that).
I'll check into the AD vs LDAP+Samba tutorials. Thanks :)
I'll also have to check into the apt repository stuff. Sounds pretty similar to how SMS handles stuff, just without the pretty interface.
Do you mainly use perl to do the CGI scripting to handle all of that?
Since I haven't managed Unix boxes in several years - the answer would be 'no' on reading current man pages, autodoc tools, etc. That is one reason I was asking for the current technology in doing these things. You don't learn much without asking questions. Sometimes you have to look stupid to do it, but there is always a point where you start out knowing nothing and move up.
Actually the graphical tools with Windows scale well. We manage 35,000 Windows machines with these tools you say don't scale - so I think that is a little bit of misinformation the other way.
I agree that Unix/Linux requires less iron and less ADMINISTRATIVE management (licenses). I'm still trying to find the answer of where the network management is less. Hardware still fails, software (that isn't linked to an OS problem) still fails. Our actual crashes due to Windows are almost zero on 300+ Windows 2000/2003 servers.
Windows does support remote configuration/automation, LDAP directory management, and software/hardware inventory management very easily actually. We do all of that here.
A lot of our job is keeping applications and OS up to date, providing authentication, and providing files. Providing files is easy on any OS. Keeping OS up to date seems easy with both - we use YUM on SuSE and SMS on windows. Updating applications that are listed in YUM vs applications that already have an MSI or SMS import package is again about even. Providing authentication against a database seems about even with AD/NDS (we use both). We have 2 people on our Windows environment that support all of this, and it is only 2 because we need vacations and to switch off being on call.
Malware I think Linux wins hands down, but with McAfee Enterprise and some stuff at the firewall level - we have very little problem here. I would prefer not having malware to having it automatically blocked/removed - but it still doesn't cost me any more management.
Viruses I feel the same as Malware. Linux is better, but it isn't really costing me more than about 1/2 hour a week to deal with any of these issues.
I always ask this question because in our mixed environment I haven't seen any real stability issues with our Windows (or Unix) environments. I haven't seen either one being easier/harder to manage (although I do almost exclusively the Windows part).
The only real differences I see are price and philosophy. I prefer Linux on both of those - as do a lot of us here. The reason we are on Windows is because somewhere in the neighborhood of 150+ of our 400+ supported applications for our 140,000 users only run on Windows. If it was as simple as file sharing and a version of Office we'd be happy to switch, but it's never that simple.
I would be curious to know what tools you use to do this in Linux/Unix. We manage all the stuff you're talking about with 2 people for over 300 servers and thousands of desktops.
This isn't a 'troll' but I'm really curious of direct comparisons for tools like Active Directory, SMS, MOM, McAfee Enterprise, etc. I know Tivoli/Altiris do things like this - but I don't see that cost as being lower. If you're writing scripts - I don't see how that is going to be cheaper or easier to manage - especially for things like patching, adding/removing applications, and managing firmware on servers.
Also if someone new comes into the company how are these scripts supported without reading every single one?
One of the main reasons I ask is because if I ever tell my company 'we can do this' - specifics like that would be more useful rather than 'I heard you can script that with Unix'.
http://www.gls.com/
They can provide support for the connection and the router, and open tickets with the LEC if the link goes down.
Well, that actually isn't why a lot of people use DFS. We have sites over 38 remote sites, and we want them all to have access to the same documents / software / etc. We use DFS so that we can tell people 'go to your * drive' and find this document (usually stuff that doesn't change a lot). DFS allows us to use sites and services to point them to the closest domain controller with copies of that information. This means we save a TON of bandwidth by not having users all come back to the home office to get their documents.
Of course, you can do the same thing in *nix using some other stuff, but it isn't just about storage.
For Windows something called 'ERD Commander' is also very good. Also better than the Windows recovery console, allows you to change Windows passwords, etc.
Basically like running Windows in safe mode, even if it can't boot from the hard drive. I would (and do) find this a lot more useful on a Windows server than Knoppix, because it gives me access to parts of the Windows subsystems that Knoppix wouldn't.
If your main factor is cost and you don't care about redundancy, performance, support, scalability, or space - a desktop is a great choice.
If you care about any of the above, you want a server. You just have to figure out what an apples to apples comparison is. Take all your servers / desktops configured as you would need - and get some quotes for them. If the price is drastically different, that would be one thing. If you are talking a small difference - go with the servers.
Also, most servers also have Xeons, which most desktops won't have.
If I go and show someone my version of XP at home - it runs fast and hasn't crashed in two years (believe it or not). If I show them Linux on my other computer - it also runs fast and hasn't crashed.
Know what most people notice if I show them both?
XP has prettier colors. I kid you not. I never know quite what to say to that. It does sort of illustrate though that better technology is NOT going to mean Linux is deployed everywhere. You have to understand that the typical non-geek does not think like we do. You and I will be in awe about some new technological marvel. A user will be in awe by moving icons and brighter colors.
Not to say that all users are like that, but I'm always surprised by how many people on here think that technology will make Linux 'win' more home market share.
This is the same group of people that voted for President in 2000 - and when CNN interviewed a group of undecided voters, several of them said they were voting for Bush because they liked his tie.
So my proposal? Linux needs brighter colors. That will give it market share, and could eventually lead to Tux being elected President.
Thank you for your response(s) and patience :)
:)
I guess it's easy to get a little defensive on slashdot if you work for a company that has Windows (your choice or not)
I agree with your thoughts on the user level, but not really at the server or infrastructure level. Tools like MOM, SMS, and multiple non-MS tools all were written for the purpose of proactive and reactive error response. We run several hundred Windows servers and about half as many boxes with different flavors of unix on them at HQ alone.
We have several groups that administer these boxes. As far as I know, our group (infrastructure) hasn't lost a server to an OS issue in about 2 years. One of the other core groups running on AIX, running a large critical database, has a similar uptime for the OS. Application stability on both systems has been equal.
Our developers administer some applications on SCO boxes and Windows servers - and these boxes, administered by people who see it as a 'backup' job, have much higher downtimes due to OS issues (but they are also non-critical systems that can have downtime).
Having over 35,000 machines on our network, and almost every major OS - I think an in-depth knowledge of what you are working with directly equates to a stable system. I've seen a direct relation in the six years I've worked here.
Although I agree that the design of Linux/Unix is inherently more stable (modular design), I don't think that administering 35,000 + machines would be 'easier' on one of those systems. It is all about balance. Ease of use really adds up when you are trying to roll out an application simultaneously to 10,000 machines in 32 locations.
I've always wanted to do an 'ask slashdot' about what sort of systems and management tools people would use for those sorts of systems (Linux I mean), but I've also realized it would only end up in a flameware instead of a real discussion about equal toolsets.
I guess in essence what I'm saying is that my experience is totally opposite from yours - but I believe it is because I don't have the 12 years of experience on Linux like I do on Windows systems. I would like to get there, but you don't get hired without experience and you don't get experience without getting hired - so I'll probably end up working with Windows in the near future.
By the way, if you do Linux administration and know of tools that equal what I'm talking about above - I would be happy to know about them.
I get the electoral college just fine. I was just explaining that winning the 'popular vote' has nothing to do with a majority.
The 2-1 comment was mainly a joke about how our voting trends show we are one of the most apathetic countries in the world when it comes to voting. Mainly I think this is because our system sucks. Runoff voting or several other options would probably increase voter turnout a lot.
As for the electoral college, in most cases the winner of the popular vote would almost always win in the electoral college if you had representatives based on % vote per state instead of most states having the winner get the whole block.
Sort of a moot point right now, as I don't see the parties in power working on changing a system that works so well for them.
First we'll outsource IT jobs.
When people start to complain about that - we'll outsource the press, so that we don't actually get any information on what is happening anymore.
When bloggers expose what is really going on and we lose trust in the system, we can outsource our government.
After the government is outsourced and we all become citizens of whatever country has annexed the United States, we'll all be citizens of one country again.
See...outsourcing solved in just a few easy steps.
A plurality is still winning the popular vote. You don't have to have EVERYONE like you to win (or even a majority)!
:)
If we went there, we'd eventually get to the point where people would stop voting until we elected a president with a 2-1 vote - a clear majority
I think this is true of this story, and a lot of the Windows horror stories you read.
;)
;)
A competent administrator with a system setup correctly from the start will almost always trump any OS with a bad administrator and / or bad setup. You wouldn't believe how many stories and comments I (and I'm sure others) have read on here about what people have done or had problems with on Windows machines, and asked why they didn't learn how to administer the machine in the first place. Now you're just going to see the same stories (true or not) cropping up about Linux, and have the same reaction. Welcome to the party
Not to say that Windows is better than Linux, or X is better than Y for any operating system - just that it seems more problems are caused by either administrators (or management) rather than the OS.
Personally I hope both Linux and Windows continue to advance. As long as we have competition, everyone wins (talk about market share all you want, but I think at this point Linux qualifies as competition).
I also look forward to the day when all the Linux administrators that say 'it cant happen on my Linux system' get to deal with the same users and managers that the rest of us have dealt with for years
Ooooh...I hate when my HTML files do that. That's why I only use Notepad for HTML editing. You think Word is bad with what it does to HTML though? Try Frontpage....
Never had any of the other issues though.
I agree with your statement, but I was pointing out the benefits of a personal firewall in a corporate environment. We're really talking apples and oranges.
I'm not sure if we'll use XP SP2 as a personal firewall on our internal network, but some kind of personal firewall would be a benefit. It helps to know that each individual computer has ports locked down, and that you can lock/open them from an enterprise level. It isnt the end all solution, but it is part of a solution to reduce some vectors.
You are correct about NX, but Intel also has something called XD in the Prescotts that does the same thing. Sort of a moot point for both since most of us aren't using 64 bit processors at this point.
= 21 11
http://anandtech.com/cpuchipsets/showdoc.aspx?i
Once the system has been compromised you are in trouble - that is true.
However personal firewalls have a -lot- of benefit at least from a business standpoint. Many firewalls, including SP2 have additional features that help protect your network. As a for instance, limiting the number of outgoing TCP connections that can be opened per second. If you've ever seen some of the viruses take out network bandwidth - this is one of many ways to help.
Basically if you look at a personal firewall as a 'solution' - it is going to fail. If you look at it as one tool of many to make up your corporate security solution, it gives you power.
As another 'for instance' here - if you have an active directory domain, and you find that a new virus is using port X that you have open for application Y - you can turn that port off from the GPO. This means that you can reconfigure the personal firewall on all the computers and clean up the issue without your network going down the tubes as it spreads itself.
Not -all- reasons for a firewall involve some sort of root/administrator hack.