It DOES provide value that Linux is just now starting to provide. Don't send me the flame mail till you are done reading the full article.
We have identified the gaps and our firm is working on the GPLed products to resolve some of the issues. We have planned about 4-5 major products and a couple of minor ones which will in turn be used in the major projects. All of them will be GPLed. Please join and contribute if you can. All help will be well appreciated.
I have been consulting on GNU/Linux based solutions for almost 7 years now and using GNU/Linux since 8-9 yrs now. I do not have to go into a lot of detail about the stability/security and flexibility of GNU/Linux. All of them are very well documented and I am simply awed by the prodigous amount of excellent quality code the communities have produced.
Having said that, there are some of the really painful issues that need to be addressed:
- Simplicity for end user. Think Google. I think this is the single most important thing for the success of Google. Simplicity of use will make user WANT to use our applications.
- Spectacular lack of competent/qualified sys-admins for GNU/Linux.
- Dental surgery like pain in configuring and maintaining enterprise class servers - especially openLDAP, Mail servers, Firewalls. openLDAP has been by far the biggest problem to configure and maintain. It defies imagination on how we can have such a fantastic desktop like KDE but fail so miserably when providing a simple way to manage openLDAP. (Don't jump on me that Linux is simple or that I am a moron. I may well be a moron - don't bother pointing it out repeatedly.)
- Lack of application integration. This is a fallout of the excellent choice available. We simply cannot integrate all the Free apps. This is not a 'crib'. I shall discuss what R-Knowsys Technologies will be undertaking to solve some of these issues. We need to encourage choice but also ensure that the end user(admins) are not very stretched. And this is where there is excellent opportunity for entrapreneurs.
And this is where Microsoft provides real value.
Before we jump off the deep end and start plugging a particular technology, let us try and explore the domain.
What are the really essential pieces in a corporate IT environment? The answer for this can be as simple or as complex as you want. The components can vary widely based on the following aspects of the enterprise:
- Size - In terms of turnover/people.
- Type - Non-Profit/for profit.
- Indusrty/sector - requirements for manufacturing will be very different from requirements of a pharma co.
- Budget - Is IT essential, how important/relevant it is to the enterprise.
- Collaboration/communication needs of the employees. What kinds of communication.
- Mobility of employees.
- Statutory requirements/audits.
- Employee profile whether they are IT savy....
- Specific applications which run only on Windows and do not have equivalents for Linux.
Now obviously we cannot come up with a fixed list of requirements which can be
used for any organisation.
Let us look at some basic requirements for a reasonably modern enterprise with 15 desktops.
- Desktops, Office suite, Password security.
- Internal network (LAN, WAN).
- Basic networked applications - E-Mail, Intranet apps(Browser based).
Let us figure out the administration tasks associated with just the basic requirements:
- Ensuring that desktops are up-to-date with patches.
- Configured with the correct time.
- Making sure that the hard disks are scanned from time to time.
- Protection against virus/worm/malicious threats.
- Data backup.
- Access controls.
- Scheduled maintenance for OS/Apps. Cleaning corrupted apps/files.
- Ensuring that the user cannot fiddle with settings that he is not expected to fiddle with: IP addresses, proxies, add/remove applications etc.
Let us assume for illustration that the firm is a biotech firm.
Assuming that I am a sysadmin for these people, I might look at any popular desktop Linux distro like Ubuntu/Suse and be reasonably free from headaches.
Now let us change the scenario to more like what we face regularly. The number of employees > 500 and more often than not 1000 or more.
There needs to be a
- 'corporate standardised desktop with the mission statement diplayed prominently'
- Since the firm deals with research work/sensitive IP/secrets/Govt/defense related work, email policies are such that
- only some employees can receive emails from external sources.
- Others can send and recieve email internally only.
- Of these, only some can send attachments and that too only internally.
- People in marketing can send attachements outside but size not greater than 500KB and that too only pdf docs.
- Only top mgmt. can recieve attachments. Top mgmt can send attachments above 2MB.
- Some employees are travelling all the time and need to access their email securely over the net.
- There are about 20 offices worldwide and mgmt. travels all over the place and need to log into the corporate network from any office and work seamlessly i.e. they should not have to configure proxies/mail servers, IP address or ANYTHING.
- Now Internet access is restricted based on login and it is restricted to need, seniority and even the actual sites allowed to each person. Internet access needs to be throttled based on user and application. No free email sites should be allowed to a large section of the employees.
- Users should not be able to transfer files outside the corporation.
- There are about 30 Intranet applications which need to be integrated into a centrally authenticated and centrally administered Intranet.
- New users should be automatically given access to all applications (as per privileges) the day they join the organisation.
The best part is that I am not making this up. We did face this task from one of our customers. The customer was really pushing for MS products and though we resisted in the beginning, we saw the light and deployed MS-Server-2003 and standardised on Windows XP SP2 on all desktops.
We tried to retain their long serving Qmail server which had run for 2 years wihtout a reboot(I checked the uptime).
Their current IT Head wanted Exchange, we tried to save them money by continuing with Qmail on Linux. We went nuts trying to implement their email access requirements in Qmail. Even if we had implemented the requirements in Qmail, they couldn't get a decent sysadmin for maintaining Qmail. We were not into the sysadmin space either. In the end we gave up and implemented Exchange.
- Before the project,
- No of servers --- 2Nos, P-4 servers with 512 MB-RAM each. And 1 P-3 server with 512MB RAM(yes in 2006)
- Server-1 --> Qmail with about 1000+ email accounts + Spam control + Default gateway for 100 users (squid + iptables firewall with NATing).
- Server-2 --> Default gateway for 900+ users (Squid + firewall including NATing).
- Server-3 --> LDAP(addressbook) + ftp server + internal gateway and routing. (P3-512MB)
- After the migration, their ADS server alone was a dual opteron RAID-5, 8GB RAM box. and they had ADS replication servers in all locations accross the country.
- Their hardware acquisition alone ran into tens of thousands of dollars and you can guess the licensing costs for Windows for 1000+ users -
- Office suite
- Spam control software licenses
- Antivirus (Both server and desktop)
- Client access licenses for email - this was unbelievable I couldn't believe that AFTER they had purchased licenses for both Exchange AND outlook, they still had to fork out for CAL.
- Sharepoint + Groove.
- list went on.......
- Desktops: Win98/ME(Desktop)
- Servers: WindowsNT (Authentication), Linux servers(Mail/squid/LDAP-addressbook)
- Desktop: Standardised WinXP(desktop),
- Servers: Windows 2003 server + Active Directory.
- Firewall - Hardware based. ISA failed miserably here even with 8GB RAM and 2 dual core Opteron chips.
What could Linux have provided for a win? What is R-Knowsys Technologies doing to improve the situation? Where is the entrepreneurial opportunity?
How can we ensure that Linux provides unquestionable value to enterprises? More on this in my next blogs.