I love Debian as much as the next person, however after recently being involved in a project which required Debian (Woody) to be installed on IBM x345's with ServeRAID 6x controllers I would strongly recommend sticking with a distro like RedHat ES, AS or SuSE Ent which is fully supported by IBM.
The support for ServeRAID controllers using the ips.o module is fairly poor and in my situation I had to first install RedHat and then do a chroot install of Debian to get the O/S to install successfully.
It was a painful process to say the least. Now that the box is up and running we have rescue floppy's with the custom kernel and modules compiled in, but it still makes for some interesting DR measures.
I have also been to quite a few IBM seminars of late and they are pushing the RedHat and SuSE barrows, and they seem to be backing this up with a fair injection of $'s into RedHat and SuSE.
I agree totally, three weeks isn't long at all!!
I currently look after a Java Application Platform that runs on Windows 2000 (unfortuntely due to a.NET component of the application):-(
The setup includes testing/staging/production and a DR environment which all required patching and testing for the DCOM vulnerability.
Imagine my nervousness in regards to the microsoft patch when after sucessfully patching the testing environment, I applied the patch to the staging environent, rebooted the machine and the bloody thing would not boot.
Now these environments are identical, so after recovering the staging server from the rescue install and restoring from backups we were certainly reluctant to patch our production systems until some more thorough testing had been completed.
At the time that the MSBlaster worm was going crazy, the production and DR environments still remained unpatched, however they were protected somewhat via a firewall.
It was decided to patch the production server after notification from the datacentre where it is hosted that the MSBlaster worm was running rampant through their networks (and from what I have seen of their network I was not going to rely on there VLAN's or firewall's to protect my site).
As it turned out the patch applied sucessfully to the production environment with now dramas, but it still makes you wonder.
Now, I understand that the staging servers problems could have been caused by something else. But this is not the first time that I have come accross patches working inconsistantly accross multiple "identical" environments.
Getting back to my initial point... Three weeks is certainly not long, when you are concidering highly complex custom application servers running on the Windows platform, plus the appropriate outage windows to be able to install and test these patches.
I guess the thing that really scares me the most is the vulnerability that gets through unoticed by M$ and the like.
Then we really will think three weeks is a looooooooooong time:-)
I implemented a multi-domain Sendmail (LibMilter) solution for around 4000 users with the RAV product and found it to be a great product.
The domain based licensing model was the original reason for going with RAV as Trend Micro and Sophos etc were extremely expensive for this many users (as they license on a per mailbox basis). It would be nice to see this feature remain, but I would doubt that this will stay when Microsoft get control, especially based on their current licensing of products.
Is there any news on whether non-MS platforms will still be supported?
Slashdot Mirror
I love Debian as much as the next person, however after recently being involved in a project which required Debian (Woody) to be installed on IBM x345's with ServeRAID 6x controllers I would strongly recommend sticking with a distro like RedHat ES, AS or SuSE Ent which is fully supported by IBM. The support for ServeRAID controllers using the ips.o module is fairly poor and in my situation I had to first install RedHat and then do a chroot install of Debian to get the O/S to install successfully. It was a painful process to say the least. Now that the box is up and running we have rescue floppy's with the custom kernel and modules compiled in, but it still makes for some interesting DR measures. I have also been to quite a few IBM seminars of late and they are pushing the RedHat and SuSE barrows, and they seem to be backing this up with a fair injection of $'s into RedHat and SuSE.
I am going to wait until M$ recognises Australia or Asia/Pacific as a region before filling out their crappy surveys.
Beaker from the muppets ;-)
Beaker
I agree totally, three weeks isn't long at all!! I currently look after a Java Application Platform that runs on Windows 2000 (unfortuntely due to a .NET component of the application) :-(
The setup includes testing/staging/production and a DR environment which all required patching and testing for the DCOM vulnerability.
Imagine my nervousness in regards to the microsoft patch when after sucessfully patching the testing environment, I applied the patch to the staging environent, rebooted the machine and the bloody thing would not boot.
Now these environments are identical, so after recovering the staging server from the rescue install and restoring from backups we were certainly reluctant to patch our production systems until some more thorough testing had been completed.
At the time that the MSBlaster worm was going crazy, the production and DR environments still remained unpatched, however they were protected somewhat via a firewall.
It was decided to patch the production server after notification from the datacentre where it is hosted that the MSBlaster worm was running rampant through their networks (and from what I have seen of their network I was not going to rely on there VLAN's or firewall's to protect my site).
As it turned out the patch applied sucessfully to the production environment with now dramas, but it still makes you wonder.
Now, I understand that the staging servers problems could have been caused by something else. But this is not the first time that I have come accross patches working inconsistantly accross multiple "identical" environments.
Getting back to my initial point... Three weeks is certainly not long, when you are concidering highly complex custom application servers running on the Windows platform, plus the appropriate outage windows to be able to install and test these patches.
I guess the thing that really scares me the most is the vulnerability that gets through unoticed by M$ and the like.
Then we really will think three weeks is a looooooooooong time :-)
I implemented a multi-domain Sendmail (LibMilter) solution for around 4000 users with the RAV product and found it to be a great product. The domain based licensing model was the original reason for going with RAV as Trend Micro and Sophos etc were extremely expensive for this many users (as they license on a per mailbox basis). It would be nice to see this feature remain, but I would doubt that this will stay when Microsoft get control, especially based on their current licensing of products. Is there any news on whether non-MS platforms will still be supported?