Win 2000 server bigger than it is better

Featured eBooks
The State of Trust in Government
Cybersecurity in State and Local Government
Building Data Literacy in the State and Local Workforce
By Jason z_rne
 

Connecting state and local government leaders

By Jason z_rne

|

Windows 2000 Server, Beta 2 Pros and cons: Microsoft Windows 2000 is coming at us like a slow-motion unstoppable avalanche. From the desk to the server room and on to the data center, Win 2000 threatens to cover everything. Will this be a new era in computing or a megaflop? As the GCN Lab discovered, in the server arena it will depend on an agency's

Windows 2000 Server, Beta 2




Pros and cons:






Microsoft Windows 2000 is coming at us like a slow-motion unstoppable avalanche. From
the desk to the server room and on to the data center, Win 2000 threatens to cover
everything. Will this be a new era in computing or a megaflop? As the GCN Lab discovered,
in the server arena it will depend on an agency’s current environment.


The only way for an enterprise to take advantage of everything in Windows 2000
Professional is to run Windows 2000 Server and its Active Directory Services. Win 2000
Advanced Server, formerly called the Enterprise Edition, will be a superset of Win 2000
Server with support for clustering, larger memory space and more CPUs.


Many network administrators are familiar with Novell Inc.’s Novell Directory
Services. The Active Directory in Win 2000 Server is Microsoft Corp.’s first attempt
to present an alternative to NDS.


NDS and Active Directory both map out the network labyrinth and store vital information
about objects—user settings, networked devices and applications. This makes objects
and settings much easier to administer, and users can conveniently locate the network
resources they need.


NDS has an edge over Active Directory in replicating directory information between
servers, because it is more mature and has been through the crucible of real-world use.
Though not perfect, NDS works pretty much as advertised.


Active Directory in the second beta of Win 2000 Advanced Server is promising but faces
a rough road on its way to enterprise acceptance.


For users accustomed to Windows NT 4.0’s domain structure, Active Directory will
require retraining. Managers who run mixed NetWare and NT environments will have to decide
whether to stay with the NDS directory they know or take a chance on Active Directory.


Although Novell sells NDS in a version for NT 4.0 Server, Microsoft has not announced
plans to port Active Directory to NetWare. That simplifies the migration decision somewhat
for mixed government shops. Microsoft will, however, incorporate a migration tool to move
NDS objects into Active Directory.


If a manager plans to mix servers running Windows 2000 and NT 4.0 in what Microsoft
terms mixed mode, users will have to give up some of the features available in an all-Win
2000 environment. At this time, NT 4.0 and Windows 9x clients cannot search the Active
Directory. Microsoft may correct this fault in a Service Pack at some point, but for the
time being, it’s Win 2000 only if you want Active Directory Services.


As with other Microsoft products, Active Directory demands commitment. It’s fine
if you have only Win 2000 clients and servers, but it’s likely to cause problems in
heterogeneous environments.


File and print services are the most heavily used under any network operating system.
Win 2000 makes several improvements here. Topping the list is a Win 2000 version of the NT
File System that lets users and administrators natively encrypt files and resize NTFS
partitions without rebooting servers.


Many administrators will appreciate being able to assign network disk use quotas to
users or groups—the first such capability in a Microsoft network OS, though common
under other vendors’ network OSes.


Performance gains in Win 2000 Server will be fairly small compared with NT 4.0. Both
Server and Professional can defragment partitions, regardless of whether they are 16- or
32-bit File Allocation Table or NTFS partitions.


One of the most impressive additions to Win 2000 Server is hierarchical storage
management, which offloads seldom-used files to optical or tape drives. If a user requests
such a file, the server brings it back online transparently.


File security is better, too. NT 4.0 can control user access rights down to the
subdirectory level but not to the file level.


Win 2000 Server’s distributed link tracking is one of those good ideas that should
have come earlier. Currently, when a file’s name or location changes, it becomes
almost impossible to find again. That’s bad enough for a data file, but if a program
file gets lost, a lengthy reinstallation follows. DLT keeps up to date on shortcuts and
links to files residing on NTFS partitions.


Other improvements are input-output bandwidth boosters such as I2O, Scatter/Gather I/O
and client-side caching of network files.


Of great importance on large, multiserver networks is Win 2000’s new Distributed
File System, which creates a tree of directories that contain files from multiple systems.


For example, a folder called Budget Fiscal Year 2001 could hold files residing on
different servers at the program office, the administrative office and the budget
division. The feature likely will ease sharing and managing files across offices,
departments and divisions.


Win 2000 has a lot to prove when it comes to security. NT 4.0 was scorned by many
hackers as too easy to crack.


Part of the reason is that because Windows NT 4.0 is fairly easy to set up and manage,
inexperienced administrators without network security training sometimes get the job.
Another reason is that, because NT 4.0 can fix or limit many of its security problems,
Microsoft made NT security policies difficult to implement.


Security in Win 2000 is more robust and a little easier to set up. The Security
Configuration Editor presents security templates that can be replicated across servers.


Win 2000’s public-key Encrypting File System runs as a service and can protect a
single file, a group of files or a directory. Win 2000 also supports the Kerberos 5
industry standard for authentication, which is likely to help with cross-platform security
integration.


In addition, Win 2000 will have a public-key certificate server—a boon for
organizations that want to move toward a public-key security model without buying
additional products. And smart cards can furnish a physical layer of security on top of
passwords.


TCP/IP is a notoriously insecure route for sending and receiving data. Win 2000
supports the open standard called IP Security Protocol for more secure data transmission
across an intranet or virtual private network.


NT’s greatest strength has always been with applications and Web servers, and
Windows 2000 continues in that vein. Microsoft has made it more scalable via the
Enterprise Memory Architecture, which will better handle transactions against large data
sets by keeping more data in memory.


The higher-end Win 2000 Advanced Server version will juggle up to 4G of memory on Alpha
and Pentium Xeon platforms, and the Win 2000 Datacenter Server version can support as much
as 64G.


Legacy client systems can take advantage of the latest applications through Win
2000’s Terminal Services, executing applications on the server rather than locally.


Win 2000 Advanced Server will do better clustering of application servers and, through
the Active Directory, give better availability to distributed application servers.


Symmetric multiprocessing now extends beyond eight processors, and Win 2000 has native
transaction, message queuing and Web application services.


What about network printers, the bane of every administrator’s existence? Active
Directory makes printers easier to find and install. You can even be working in an
application while you find and install printers from the Print menu.


Win 2000 also will work with more printers than NT 4.0 does. Through the Internet
Printing Protocol, users can print to a uniform resource locator and view data about their
print jobs via their browsers.


Win 2000 Server’s Dynamic DNS will update a database of Internet Domain Name
System entries automatically without requiring the administrator to enter them manually.


Quality of service is always a big issue for servers. If you have two applications
running and don’t want one to monopolize server resources, a Win 2000 QOS control can
automate that management item.


Denial of service attacks have been a problem for NT networks that tie into the
Internet. Win 2000’s network address translator keeps internal IP addresses from
being released in Internet traffic.


Native support for asynchronous transfer mode is likely to open up new applications for
the new NOS in simultaneous data, voice and video transmissions.


NT server management tools were always fairly good, and the Microsoft Management
Console improves on them. The console is a single point of contact for all administrative
functions, network resources and clients.


I personally found the console’s Internet Explorer-style interface inadequate, but
snap-ins are on the way from many application and device vendors.


Win 2000 will also benefit from the Windows Scripting Host, first seen in Windows 98,
that automates common tasks.


Setting up group policies is easier thanks to the Groups Policy Editor. Policy-based
management might finally come into its own with Active Directory and its object store.


The Application Installation Service lets the administrator specify a set of
applications that will always be available to a single user, a group of users or everyone
on the network. This will help immensely in deploying new applications across an
enterprise or fixing damaged installations on specific clients.


The Active Directory makes it possible for settings, data and applications to follow
users around wherever they log in under what Microsoft calls IntelliMirror. If you log in
at a Denver office, you see the same screen as you would in Washington. Upgrading desktop
hardware is infinitely easier, because regardless of where they are, users can get at
their applications and files elsewhere.


Win 2000 setup is easy compared with Windows NT 4.0 Server or Enterprise Edition. It is
different enough, however, to require a few trial runs before going through it for real.


Microsoft has significantly reduced the number of scenarios under which the server must
be rebooted. New services can be started and devices installed without a reboot.


Overall, Win 2000 is probably the most important operating system ever to come out of
Microsoft. Its impact, like that of a 900-pound gorilla, will be felt across most
government and corporate networks. It is more scalable, more powerful and certainly better
at enterprise networking than its predecessors.


But it is far from the best NOS ever, as Microsoft marketers would have you believe. It
is not streamlined and is more difficult to use than it should be. It suffers from massive
bulk. And it is yet another Microsoft product that does not work well with other
vendors’ products.


Win 2000 could have been great, but it is simply somewhat better than NT 4.0. Many of
its features will not be used or needed by many organizations. Its bloated size means that
Microsoft will have a more difficult time fixing the problems that crop up.


Remember that Microsoft is still releasing patches for the supposedly mature NT 4.0,
and sometimes the patches themselves cause fresh problems. The new NOS is orders of
magnitude more complex than NT 4.0.


For government network managers who are satisfied with NetWare 4.11 or 5.0 or Unix,
there is little reason to upgrade. The cost in terms of commitment to an unproved NOS is
too high.


But Win 2000 is a good choice for sites that already have 100 percent of their servers
running Windows NT or are starting from scratch.


Although this review considered only the beta Windows 2000 Server, the operating system
will only get bigger and more complicated between now and its release date in the second
half of next year.


If your organization is seriously considering buying it, find out as much as you can
now. You’ll need all the help you can get. 


Here are some new hurdles for Windows 2000 Server and Advanced Server administrators:


Active Directory: Enterprise-class object store for information about
users, applications and network resources. Many of the Windows 2000 operating
system’s features are integrated in some way with the Active Directory. Migration
from Novell Inc.’s Novell Directory Services looks possible but not promising.


IPSec: IP Security Protocol, a secure, open standard for sending and
receiving encrypted data across IP networks. Win 2000 and other operating systems promise
support for IPSec.


IntelliMirror: A set of tools for user roaming, centralized control of
desktop PC configurations, and automated software installation and management.


Distributed File System: Directories of shared files and
subdirectories on multiple computers and servers across a network.


Internet Printing Protocol: Protocol under which Win2000 users can
send print jobs over the Internet or intranet via uniform resource locators. They can view
job status through their browsers. The printers must operate under a Win 2000 server.


Clustering Services: Win 2000 Advanced Server’s way of
integrating server clusters with the Active Directory and cluster-aware services such as
Dynamic Host Configuration Protocol and Distributed File System.
Enterprise Memory Architecture: Scheme that frees up server memory for applications and
the data sets they use. EMA will be important for high availability of application servers
in large enterprises.

NEXT STORY: Apple's iMac rates high on cool scale but has built-in limitations

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.