Providing Web Services on the Internet: Why I Chose NetWare 5 Over Windows NT and Linux
Articles and Tips: article
Hardware Engineer
The Canopy Group
lashworth@novell.com
01 Mar 2000
The rapid growth of the World Wide Web as a forum for world-wide commerce and communication has prompted many organizations to set up Web sites. Even families and individuals have been enticed to establish their own Web sites for various purposes. Most prospective Web site builders rely on the services of ISPs (Internet Service Providers) and other Web experts to help them with the more technical aspects. However, a few intrepid individuals have set out on a quest to be their own ISP, providing Web services and related applications to their customers.
This AppNote details the adventures of one such individual, told from a personal point of view. It provides an account of how the choice of operating system platform was made, failures and successes, and other lessons learned along the way. In particular, it describes the advantages gained from using NetWare 5 over Windows NT and UNIX/Linux in the areas of available services, management, security, reliability, and hardware costs.
This information is designed for those who are thinking about setting up a Web server to provide Internet services on their own. It assumes the reader is familiar with the Internet and the many Web services that are commonly provided.
For more information about NetWare 5, visit the product Web site at:
http://www.novell.com/products/netware5
The First Part of the Journey
A few years ago, I decided to set up a Web site on a server of my own so I could, in essence, be my own ISP. I looked into various possibilities for the host operating system, including Windows NT, UNIX/Linux, and NetWare. At that time, the current version of NetWare was 4.x, which did not natively support TCP/IP and lacked other key features that I considered essential for my Web site. Since I had little experience with UNIX, I made the decision to use Windows NT as the platform for my first co-located Web server.
Initially I had trouble locating all the services that I wanted, but after some hunting I found an NT-compatible FTP (File Transfer Protocol) server, an HTTP (HyperText Transfer Protocol) server, and a good e-mail daemon. With these components, I was able to launch my fledgling Web site.
However, I soon became frustrated by a lack of reliability and by Windows NT-specific implementation issues. As I struggled to implement more advanced features on my Web site, particularly with regards to CGI (Common Gateway Interface), I quickly realized that my initial choice of operating system was locking me into a very narrow set of Microsoft-specific solutions. It wasn't long before I started looking at other platforms that would be more stable and offer increased flexibility.
Linux to the Rescue?
The next "obvious" choice was UNIX or one of its variants. After all, I reasoned, the Web was founded on UNIX, and many FTP, HTTP, and e-mail servers are readily available for this mainstream Internet operating system. I decided to go with Linux, an open-source UNIX derivative that has been getting a lot of attention recently as one of the easiest UNIX variants to work with.
Unfortunately, I experienced several problems just trying to get Linux installed. To my surprise, it was difficult to find a driver for my particular motherboard. I soon found out that with Linux you're asking for trouble unless you use hardware that is supported. I began to wonder if switching to Linux was such a bright move. However, I eventually located all the pieces I needed to assemble a working Linux system, and I finally got my Web server up and running again.
I understand that newer versions of Linux are much easier to install. However, the installation of the operating system is only the first step in establishing a Web site. After that, you have to install and configure the services. Despite my previous experience with another UNIX variant, I found it very challenging to set up applications on the Linux platform. There are scores of configuration files to contend with, and everything has to be just right for the system to work properly. Had it not been for some Internet sites that supported Linux neophytes, I might never have gotten all the services running.
I now had a fairly decent Web site with all the basic features I wanted. I did find Linux to be much more reliable than Windows NT. However, maintaining the system was not exactly effortless. Most users of SendMail, the built-in e-mail service for Linux, were PC-oriented, and they didn't like having to use telnet to modify passwords. That made more work for me, the system administrator, to support my users. I also experienced compatibility problems between SendMail and Netscape browsers.
So while easier installation and better reliability are important, they don't mitigate the basic problem with Linux. That is, Linux was designed by Linux users for Linux users, not for the general computer populace. Efforts are now being made to change this, but the bottom line is that managing a Linux-based Web server still requires a good deal of Linux-specific expertise.
Another problem arose in the area of security, as my new Linux system was successfully hijacked by hackers. I installed Linux using the default installation. It wasn't long before Unix-savvy hackers discovered that I had a hidden upload directory that they could access (a common oversight!). In a matter of a couple of days, my hard drive was filled with illegal and pornographic software. As you can imagine, traffic on my network was very high. Fortunately, I discovered the problem and plugged the hole, deleted the unwanted files, and the interlopers presumably moved on to other easy targets.
The experience inspired me to investigate Linux security issues, and I soon realized that securing the system was going to be very difficult. Even though I was able to plug the security hole that had been exploited, I couldn't help but wonder where else my system might be exposed. I also wondered how many Web service providers have unwittingly participated in such illicit activities.
My troubles weren't over yet. I experienced two hard drive failures in two years, which made me long for the disk mirroring/duplexing feature that is so easy to configure on NetWare. Many Linux enthusiasts would argue that regular backups are the best way to guard against drive failures and the resulting data losses. But customers get nervous when these things happen, and I don't blame them. Even with the best backup schemes in place, hard disk failures cause lost information and server downtime that cannot be recovered.
NetWare 5 Saves the Day
Just when I was about at my wit's end, NetWare 5 arrived on the scene. It offered a number of new features, including an enhanced operating system kernel, Pure IP, a hot new version of Novell Directory Services (NDS), and hardware support options such as Hot Plug PCI. To my excitement, it also included many Internet-related services such as support for LDAP (Lightweight Directory Access Protocol) version 3, DNS (Domain Name Service), DHCP (Dynamic Host Configuration Protocol), Collabra News Server (NNTP), and the Netscape FastTrack Server for NetWare, a high-performance Web server developed jointly by Novell and Netscape.
As soon as I was sure that I had everything I needed in terms of hardware and software, I made the switch to NetWare 5. The following is a quick rundown of how my NetWare 5-based Web site was improved over the previous incarnations.
Impressive set of high-performance Web services. With NetWare 5, I could offer my clients all of the Web services they had come to expect: HTTP, FTP (both uploading for Web site modifications and downloading options for anonymous users), e-mail, and a news server.
Expanded set of Web development tools. In addition, I had available to me an expanded set of development tools that included support for Perl, NetBasic, LiveWire server-side Java, NetWare Loadable Modules (NLMs), and Oracle database integration.
Sophisticated e-mail options. I was able to offer e-mail support for SMTP (Simple Mail Transfer Protocol), IMAP (Internet Mail Access Protocol), and POP (Post Office Protocol) 3, as well as a new HTTP browser-based WebMail service. This included user-configurable options for setting passwords, colors, and mail forwarding. Users could use this Internet Messaging Service to gather messages from multiple e-mail systems into a single browser-accessible in-box.
Greatly simplified management. The integration of NetWare 5 services with NDS allowed me to add users and manage services from any location, with user-friendly tools. The management of HTTP and FTP servers was now integrated, and I could easily configure hardware and software virtual servers.
Much stronger security. My site was more secure, thanks to NetWare's superior directory-based security and authentication features.
Increased reliability. With NetWare, I was finally able to have duplexed hard drives, which significantly reduced the likelihood of data loss due to hard disk failures.
Reduced hardware expense. NetWare runs very efficiently on standard Intel-based hardware and requires less processing power and RAM than Windows NT or UNIX. The lower hardware costs result in a much higher price/performance ratio for NetWare.
Perhaps best of all, NetWare 5 is a much more responsive server. NetWare was designed from the ground up as a highly optimized platform for network services. It has been continually honed and enhanced to provide the fastest possible client/server response times. General-purpose operating systems like Windows NT and UNIX/Linux simply can't match NetWare when it comes to performance (more on that later).
The NetWare 5.1 Bonus
Novell recently released NetWare 5.1, which integrates new Web and application server technologies that make it ideally suited for e-business and Web-based network management. While I have not yet incorporated all of the new NetWare 5.1 features into my Web site, the list of features is tantalizing to anyone interested in enhancing Web services. Here are just a few to whet your appetite:
IBM WebSphere Application Server 3.0 for NetWare, one of the industry's best for developing, deploying, and managing a wide range of Java-based Web applications. It includes WebSphere Studio, a collection of development tools you can use to design HTML and Java Server Pages, develop interfaces, build JavaBeans, and create other Java applications.
NetWare Enterprise Web Server, an open-standards, enterprise-strength Web server that provides built-in Web publishing and development capabilities.
NetWare FTP Server, which supports all leading FTP clients and allows them to transfer files to and from NetWare volumes once they are authenticated in NDS.
NetWare News Server, a tool for creating and maintaining news groups over the Internet which can be accessed by standard news readers such as Netscape Communicator or Microsoft Outlook 98/Express.
NetWare Web Search Server, which lets you automatically index an entire public Web site and quickly search for a particular piece of information.
Support for WebDAV (Web-based Distributed Authoring and Versioning), which enables Web collaboration by allowing access to files and folders--even those stored on a local file system--from any Web browser.
NetWare Management Portal, a browser-based utility that lets you manage your IP-based NetWare servers easily and securely from any Web browser.
NDS eDirectory, a powerful new directory service that has increased storage capacity and improved scalability, supporting millions of objects in a single directory tree.
For more information, see "What's New in NetWare 5.1: The Complete Solution for Web-Based Networking" in the January 2000 issue of Novell AppNotes.
Compelling Reasons to Choose NetWare 5
The Web as we know it has a rich history. From the beginning, UNIX and its variants have been used to provide Web services. To UNIX aficionados, it seems to be a "natural fit" to continue providing Web services on this venerable platform. Over the past few years, newer operating systems such as Windows NT and Linux have been gaining popularity as Web service platforms.
However, all of these operating systems suffer from similar weaknesses when used to host Web services. First and foremost, they are general-purpose operating systems. While a system such as Windows NT can be stretched into application serving, it lacks the foundation required to provide reliable, scalable, high-performance network services. Its security and management features are similarly deficient, resulting in greater security risks and increased IT costs.
There is another, less obvious problem with trying to retrofit a desktop operating system such as Windows NT into being a network server. To maintain all the desktop capabilities while adding more and more network-oriented features, the Windows NT code has ballooned significantly. According to some sources, Windows 2000 (formerly known as NT 5) has over 40 million lines of code--four times as much as NetWare 5. In order to run this additional code with reasonable performance, you need considerably higher hardware and memory requirements. A quick comparison of recommended hardware for Windows NT and NetWare will show that NetWare runs faster on less expensive server hardware.
The following sections highlight the major comparative issues and provide some of the more compelling reasons to consider NetWare 5 as a Web services platform.
Available Web Services
The first item for comparison is to look at what Web services are available for each platform.
UNIX/Linux/Windows NT. Basic services such as e-mail are easy enough to install, but exact behavior varies and may not easily provide the robust feature set clients expect. Apache and other well-respected HTTP servers are available for virtually any version of UNIX/Linux and even for Windows 95/98/NT. However, supporting services vary, and management can be complex. FTP services are usually built-in, but use a file-tweaking management system. Security can be a real problem.
NetWare 5. NIMS is a robust messaging service that offers state-of-the-art features and easy directory-based management. WebMail provides a browser-based facility for users to modify passwords and get their e-mail anytime, anywhere they have access to a standard Web browser. It also allows users to gather e-mail messages from other mail servers and consolidate them into a single in-box. Both IMAP and POP3 services are provided, and forwarding is easily configurable by the user without any effort on the part of the ISP.
HTTP services are provided by the Netscape Enterprise Server for NetWare. I was impressed by many of the features such as high performance, Web publishing, full indexing and search functions, and intelligent agents that can automatically deliver information according to user- specified rules. Yet this powerful server is simple to manage thanks to its tight integration with NDS. FTP Services are also provided with NetWare 5, and again, these are powerful, convenient to use, and easy to manage.
An advantage well worth noting is the inclusion of a 5-user version of Oracle 8i with NetWare 5. This powerful SQL database offers Web site builders some exciting opportunities, and an upward migration path from more limited data management alternatives.
Management
Another key area to consider is the ease of managing your Web site and what management tools are provided with each operating system.
UNIX/Linux/Windows NT. Service management is generally not integrated in the UNIX environment, and each application has its own set of tools and idiosyncrasies. With so many flavors of UNIX out there, you can't always be sure that everything will work together in a standard and predictable way. If you have a mixed environment, things get really confusing since no two versions of the OS work exactly the same. Even the simple task of adding a user varies between versions. And with user information stored in various places, the chances of making a mistake are very high.
Even if you hire competent IT engineers, it is going to be expensive to manage a UNIX-based Web site due to the sheer complexity of all the tasks required to set up, maintain, modify, and secure the site. Managing e-mail accounts in particular is a real headache for ISPs. And most administrative functions must be performed at the server itself, which makes remote support difficult.
NetWare 5. NDS makes it easy to implement and maintain Web services in the NetWare environment. Services can be managed any time and from anywhere. Modifications can be made instantly, with a fraction of the administrative effort. Management of the Netscape Enterprise Web Server and FTP services is integrated, and remote administration of these services is a snap. And with NIMS and WebMail, the e-mail account management headache is over. It doesn't take long to save a fortune in support costs.
Security
This is an extremely critical are to examine, as the Internet environment is fraught with hackers just waiting to punch holes in your Web site and exploit it for their own purposes.
UNIX/Linux/Windows NT. UNIX and its variants can be very complex to set up securely. The default installation of some variants, such as the Red Hat Linux I used, leaves huge "back doors" that can be exploited by hackers. While absolute security is impossible with any operating system, Linux and other popular operating systems were designed with a focus on enabling users to do whatever they want. Network security was a retrofit. I'm not saying that these operating systems are inherently insecure, but security implementation issues can be very complex and troublesome.
NetWare 5. NetWare 5 has been designed from the beginning to meet the needs of security-critical networks. This focus makes it easy to build a secure Web site based on the NetWare platform. As more and more services are being integrated with NDS, authentication becomes much stronger, and the chances of unauthorized access are significantly reduced.
Price/Performance
Let's face it: when push comes to shove, many decisions are made on the basis of cost. Thus hardware requirements and equipment expenses become important issues to consider. But performance must also be factored in to maximize your return on investment.
UNIX/Linux/Windows NT. As discussed previously, general-purpose operating systems have a difficult time being retrofitted for server-specific duties while maintaining acceptable performance. UNIX and NT were designed from the beginning as a multiuser, multitasking operating systems, but have since moved into the "workstation" environment. That required additional support for resource-intensive features such as graphical interfaces. To compensate for OS bloating and inefficiency, hardware requirements have continually increased, adding to the overall system costs and resulting in much lower price/performance ratios. Even though UNIX is often optimized for a specific hardware platform, it takes a great amount of expense and effort to achieve high performance.
NetWare 5. NetWare offers very high performance per dollar invested. NetWare is specially designed to provide network services as efficiently as possible. Unlike general-purpose operating systems, it doesn't have to worry about supporting fancy graphical interfaces or other "workstation" requirements. NetWare can reach high network performance levels on standard, Intel-based server hardware. So much NetWare-certified hardware is available that the choices are virtually unlimited. This translates to lower costs for hardware and offers better upgrade paths for existing systems.
Reliability
The last area we will discuss is one of the most important for potential ISPs and other providers of Web services. When you are providing services to the public, they expect those services to be available 24 hours a day, 7 days a week. Downtime is viewed very negatively and could result in your users looking elsewhere for more reliable Web hosts.
UNIX/Linux/Windows NT. While UNIX variants are generally quite reliable, they are a work in progress. Many times it is extremely difficult to find a solution for a specific issue that is causing server outages. Moreover, hardware support is spotty and finding Unix drivers for specific hardware can be a real headache. Although hardware support is more universal for Windows NT, the OS is notoriously unreliable and must be repeatedly rebooted to keep it going. Such operating systems are just not well suited to providing non-stop network services month in, year out.
NetWare 5. NetWare is well-known in the industry for its reliability. It is not unusual for NetWare servers to stay up for months at a time. In addition, fault tolerance features such as Hot Fix, disk mirroring and duplexing, and now server mirroring and clustering make NetWare the logical choice for reliable network services. Its use of the Intel-based platform ensures support for a wide variety of hardware and peripherals. What's more, Novell's comprehensive hardware certification process reduces the chance of hardware incompatibility issues. And should a problem arise, Novell customers are backed by the largest support infrastructure in the world.
Interoperability
Among the many advantages NetWare offers over Windows NT and Linux, one more that is worth mentioning is its interoperability with products from multiple vendors. NetWare 5 gives customers flexibility in choosing the applications and services that will best meet their needs. With NetWare 5, you are not locked into a single-vendor solution, but have the flexibility and freedom to easily integrate and manage Windows NT- and UNIX-based application servers. After all, why not let NT and UNIX do what they were designed to do--run specific applications--and let NetWare 5 and NDS tie everything together in a single, easily-managed directory environment?
Conclusion
In the final analysis, NetWare 5 offers the lowest-cost ISP solution and the most comprehensive suite of professional Internet services available. Reliability, scalability, performance, and security are all hallmarks of the NetWare foundation. When it comes to choosing the best platform for hosting Web services, NetWare 5 is the logical choice.
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.