Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 301
  • Last Modified:

ISP : which Service on which OS

Hi,

We're Planning for an Enterprise ISP and reached to point to decide about "which service on which OS".

I've talked with many people ; some bashed Linux, some bashed Windows 2000.

What I need is first of all, do you suggest a full-linux-based or full-windows2000-based or an integrated solution?

The services that I need to have on these OSs are :

AAA (Authentication, Authorization, Accounting) (+Centralized Authentication)
DNS (internal and external)
DHCP
Web Server
Mail Server
Firewall
Cache

The factors that are important for me are Availabality, Reliability and Security. as you know, Uptime for an ISP is very important.

If you suggest an integrated solution using some services on linux and some services on windows, would you please tell me which-on-which and why?

The only reasonalbe difference that I know is Linux does not need restart on most new patches. (Uptime)

Also I need "Switch Fault Tolerance"(SFT - NIC Teaming) which as far as I know, Intel NICs only support this on Windows.


Regards,
Joe.
0
joe_1163
Asked:
joe_1163
  • 3
  • 2
1 Solution
 
naccadCommented:
Coming from an ISP backgroud myself, I think I can give
you some advice.. stay away from Windows. Period.

We tried it, we used it for Radius, failed many times,
mail, overloaded the system after 3 days, needed reboot
every week at least, DNS: do not even go there...

The only thing Windows was good at was the firewall, some
may find this surprising, but here is my explanation,
we put Checkpoint Firewall-1 on an NT4 box, very reliable,
since FW-1 replaces the Windows TCP/IP stack with its own.

of course FW-1 also runs on linux, for the same price.

What we ended up doing was an amalgamation of OSes,
OpenBSD for firewall, linux for everything else,
and throw in a couple of SCO boxes for a propriety
software (dont ask, i had to run it, not like it).
Why OpenBSD, it has the best firewall outside of a commercial
product.

DNS/MAIL/WEB is great on Linux, using Bind,Sendmail/Postfix and of course Apache beats anything in web serving.

As for SFT, you're better off getting a NAS and using
linux LVS for load balancing and fail over.

hope that helps
tc
-nick
0
 
joe_1163Author Commented:
Nick,

Do you suggest "SuSE SLES8" or "RedHat AS" or something else?


Regards,
Joe.
0
 
naccadCommented:
They are both more or less the same.

I am biased towards redhat because I have more experice with
it, and because I like the up2date function, SuSE has a
strong admin utility YaST2 that I havent seen anywhere eles.

I don't think you'll need RedHat AS for such a setup though, The one you download off the net + a support package will do very nicely.

There are more pointers too, SuSE has an Entreprise Mailserver based on LotusNotes, Oracle teamed with RedHat
and they have a mailserver (i think the cost calculated
is $60/seat as opposed to $130/seat for MS Exchange), or
you can go with a straight forward mail server like sendmail or postfix, at least its free :)


Don't take my word for it, do your research on SuSE vs.
RedHat.. i.e. dont blame me later :)

tc
-nick
0
 
joe_1163Author Commented:
Nick,

because of external storage prices I don't want to use Clustering. But, in Windows2000 environment I can have Primary/Secondary servers for failover/redundancy. How can I achieve this in Linux? (failover should be automatic not manually)

Regards,
Joe.
0
 
naccadCommented:
Linux Virtual Servers
http://linux-vs.org

I am using it right now on RedHat 7.2 to provide failover
for an ERP frontend.. works like a charm.

btw, if you send an email to RedHat Inc. they will be more
than happy to assist you.

tc
-nick
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now