Linux on a Banking System - Feedback from Pedro Rosa
Fri, 19 Jun 1998 02:23:19 +0400
Hi!
I'm quite impressed with your article on UNIX vs NT. As an ex-Network admin I can say that you managed to show a lot of the main points that show the strength of UNIX systems.
I am writing to you as I feel that you have some points less remarked on how far someone can go on UNIX. Also I would like to present you a situation where a company made a "one step forward and two steps back" on UNIX vs. NT.
I worked some years ago on an implementation of Linux boxes on a banking system for automation of several network tasks. Most of these boxes were 386 or 486 based (Intel & AMD). Together with Novell Netware 4.1 they made the central bulk of our network. The workstations were a mix of Win95, DOS and OS/2. During the whole time we never had a NT working.
During the three years I worked on this we had only one serious down on one Linux box. The reasons were purely physical (SCSI card burned out and consequently we had some damage over the file system).
We had a 386SX AMD that worked for almost 1,5 year without any reconfigurations. For almost 6 monthes this machine worked even without any reboot and most admin work was purely observational. Essentially the machine had to be downed after non-stop work due to problems in the power wires of the room where it was located. By itself it was working perfectly. The Linux kernel was one of the first betas and it suffered no upgrades during the machine lifetime. It was downed when it was decided to restructure the internal E-Mail system.
We also had a curious Linux box in one 486 (Intel). The machine was purchased with a serious physical bug in the memory management. Due to some reasons we had to keep this machine for almost two monthes and we found some curious facts on using it:
DOS crashed on it in less than 15 minutes after boot OS/2 crashed during install (2 diskette). It didn't boot Win 3.1 crashed either during install or right after lauching Program Manager on boot. Novell 3.12 didn't install. Linux managed to keep alive up to five hours on it. The average lifetime was 30-45 minutes. Usually the system automatically rebooted and tried to overcome the errors. It halted only twice.
I am forced to recognize that our team had a very negative attitude in relation to NT & Microsoft. But anyhow the NT alternative could not give us a good chance of developement. The tasks given to Linux boxes were:
- Corporate E-mail and Client E-mail.
- Internet services with firewalls and proxy's
- Automate Fax delivery and receiving.
- Network monitoring
Most of this work was made in client/server automated services. With exclusion of the network team no one had access to the boxes but these services were accessible on Win95 and DOS stations. The fileserver system was occupied by Novell with a particular interaction with Linux.
It is a fact that Linux is hard and timeconsuming to configure. Yet we didn't have any serious problems after 2-3 monthes work on a new box. Most time the work turned into routine checks. Only four times we had alerts on break-ins, one of them serious.
In comparation I can say that Novell had serious problems several times and security was a matter of concern even when we bought an HP LH/5. DOS was a serious headache but the biggest headache was Win95 August 95 edition. Until OSR2 we couldn't attain a good level of confidence in the system. Several times we had high alerts with a significant financial burden (lost files, long downtimes).
Almost 2 years ago I and several colleagues were fired due to changes at the managerial top-levels of the bank. The new team changed radically the banking structure, tending to Novell 4.11 and Windows NT. I think that it is worth to mention some curious points:
Several automated tasks were dropped out. ex. the automated Fax system that allowed any workstation to deliver/receive fax. It was substituted by a secretary on a Fax machine... Such services seem to be allowed at least on Win95. Yet they are highly unreliable as a permanent automated service.
Some tasks had to be run on dedicated computers under DOS. In particular some internal E-Mail services. These services were impossible to be run on NT machines due to certain working requirements of the automation systems.
The Internet system had to be downed for a very long time. In part this was due to the level of competence of the new admins. In part because NT didn't present the same security solution as Linux.
A curious moment was the fact that the bank had to stop its work much more frequently. Once it went up to 3 days (due to a small break in the cabling). Our team was able (and obliged) to detect and work out a solution in a matter of half working day maximum. Most work was done by using a mix of Linux/Novell/Win95 tools. Yet the NT/Win95 admin system was unable to clearly portray a lot of serious glitches and configuration bugs.
It is certain that here we have a matter of competence and knowledge between the two teams. And jealousy also... This could arise some questions on how objective could be these considerations. I personally consider that some of the new guys are not stupid at all. Yet the technical solution they found is IMHO less reliable and carries a significant suplementary burden to this company.
The matter here is on the restrictions NT presents to acomplish certain fundamental tasks, specially automated tasks where the human presence is practically unneeded (and sometimes unwanted).
Also another problem is Microsoft maniacal idea of "showing complexity through simplicity". The GUI is not an answer to the "all in one" problem. In fact it is frequently a very dangerous psychological factor. The GUI interface is even treacherous for a professional higher than me. The "ease of use" leads to some lazyness of mind. And when sometimes problems occur it becomes quite difficult to guess what's happening behind the scenes. Sometimes ago I had a biiig problem over a NT station. The solution came only after using DOS's diskedit (Norton Utilities) and checking certain disk sectors physically. The information that NT was giving was almost minimal (something like "4 bad sectors found") and barely I could guess anything from it. It was highly important to know where these problems were starting to avoid the further worsening of the situation (disk was physically degradating).
Well these were some points of my personal experience. Hope they would be useful to you
Regards
Pedro Rosa