[KLUG Members] Replacing "gatekeeper" and "mail beamer".

[Adam Tauno Williams]

>Network Computing did a review of both hardware and software
>proxy/caching servers in late 1999.  Squid ruled the software
>products, even beating out several hardware-based solutions (only
>NetApp acceled past it), and MS Proxy was _dead_last_, 4x _slower_
>than Squid.  It also had security and configuration issues and was
>the _least_flexible_.  Unfortunately, the article has been yanked
>off their site (for what reason???).

I can vouch that this article is "real" and very much gone.

>>1. FREE (or close to it)
>Lower Total Cost of Ownership (TCO).  There is some "FUD" going
>around that "yeah, Linux is cheaper, but it costs more in support." 
>That's utter bull.  As a longtime NT admin, the lack of crashes and,
>_more_importantly_, lack of reboots everytime you reconfig is a mega
>bonus.  As far as "retraining," all you need is to get a good Linux
>admin to spearhead and within 6 months, everyone will be
>up-to-speed.

I think TCO is "FUD".  Reliably calculating something like TCO in
anything but the most abstract sense is purely argumentative.

To be fair, WinY2K does away with many, but not all, of the "You must
now restart your computer" nonsense.  Of course it is still monolithic
and proprietary, and comes with no decent development enviroment.

Anyone with their salt on NT could pickup Linux, no sweat,  and vice
versa.  The "worth their salt" is the hard part,  most IT people are
worthless acronymn spouting marketroids.  If someone is WILLING they can
be familiar with Linux in those six months,  but lets face it,  most of
those NT networks are "that bad", not merely because NT is "that bad"
but because the admins don't have a clue what they are doing,  read no
relevent material after work hours, attend no professional
organizations, have no peer network, etc...  A pointy-haired NT admin
will make a pointy-haired Linux admin.

On the up side,  the Linux/UNIX people I have met tend to be ***WAY***
more knoweledgeable about their area of expertise than NT types.  Of
course there are fewer of them.

>> 2. Reliable. I've got an old 486 clunker w/ no battery backup, etc. in a
>>VERY bad electrical environment and it cruises right along (if you can say 486
>>are quick <G>)
>Again, Linux is not just reliable, but requires no reboots when you
>reconfigure, patch or upgrade (unless it is the kernel or GLibC
>themselves).  ZD's Sm@rtPartner is one of the few IT publications

In place glibc upgrades,  no problem.

>that showed this results in lower TCO with Linux -- not to mention
>the lack of crashes.  It is also the reason why Linux admins keep up
>with the latest updates, and NT admins don't, because updating
>doesn't require a reboot -- a small detail, but _very_crucial_.

In part,  I think Linux people tend to "like" what they do more,  and
thus do a better job.  Smart people are attracted to systems that let
them have real control.  Spend all the money you want on someone,  a
labor of love will always be better in the end.

>>3. There is more and more support / programs / options for Linux everyday!
>>I've got 2 servers here now and they just work!
>Anyone who tells you that Linux is "unsupported" is just spreading
>FUD.  We've got a guy here who showed that every storage, database
>and other vendor they used for their existing HP systems also were
>100% RedHat Linux certified.  Hardware savings alone was 66%.

Agree.  And anyone who says Win?? is supported hasn't dealt with many
MCSEs.

>>4. SECURE! Surely can't say that about Windows / NT / Win 2000!
>As a longtime NT sysadmin, even "advocate" in the "early days"
>(1992-1994), the reason why NT/2000 isn't secure isn't the
>underlying OS.  The reasons are even more sinister:
>1.  Features are focus, security is _never_ a design-time
> consideration

That may be a little of an over statement (IMHO).

>3.  Applications are multiuser ignorant (even Microsoft's own),
>which often leads to gross security violations

Oh, so very true.

>4.  Security in Windows 2000 is overkill to the point of confusion
>and "holes by default" for compatibility

Mmmmm, I don't think so.  Many feel a kerbized Linux network is
"overkill to the point of confusion",  it feels about right to me.  And
is about the same method as WinY2k uses.

>>As for management, with Squid you edit the config file
>>/etc/squid/squid.conf to add / remove a specific user and -HUP the squid
>>process and presto! You don't even lose a bit of data in the process!

squid -k reconfigure
 
>Squid _is_ "the bomb."  

Preach it brother.

>I highly recommend you put its cache on its
>own disk drive, or consider a RAID-0 solution.

Yes.