"What are the facts? Again and again and again -- what are the facts? Shun wishful thinking, ignore divine revelation, forget what "the stars foretell," avoid opinion, care not what the neighbors think, never mind the unguessable "verdict of history" -- what are the facts, and to how many decimal places? You pilot always into an unknown future; facts are your single clue. Get the facts!" Source 1
This executive summary presents the results of extensive research contrasting the suitability of Novell NetWare and Microsoft Windows NT Server for use in the AISD district-wide network. In the course of researching this topic, I have come to the inescapable conclusion that standardizing on NT could be disastrous for AISD and that Novell offers the only realistic solution for reliable, secure computer services to all students and faculty.
Due to Windows NT’s current popularity, the number of utilities to "hack" NT and the hackers that exploit them, far outnumber those for Novell. NT is notorious for "security holes" that continue to plague the operating system, from "Denial Of Service" attacks to the recent "Blue Screen Of Death" security hole exploited during Bill Gate’s senate hearings.Source 2
Windows NT is plagued by at least one major security bug that makes it possible for any hacker on the same network to intercept and decode passwords for every user on the system.Source 3 This utility called L0PHTCRACK has received quite a bit of press coverage and a fully functioning version is easily available for download from their web page. Included with L0PHTCRACK is the program’s source code (in C++, the same language we teach our students in the Computer Science Dept.) to make modification and improvements quick and easy.
Some of the more advanced computer science students at both Travis and SFA High have not only shown me the utility, but have told of modifying it to make it more powerful. Although Microsoft released a bug fix to try and seal the hole this program exploits, the program’s developer simply released an update that defeated the fix.Source 4
Although Microsoft has touted the soon to be released Windows NT V5.0 (now delayed and renamed Windows 2000) as much more secure, the newest L0PHTCRACK has been successfully tested on the Windows NT 5.0 beta and is expected to allow quick and easy hacking of NT 5.0 systems.Source 5 Currently only one product has been shown to completely eliminate the security threat posed by L0PHTCRACK and programs of it's type, but it’s not from Microsoft. The product is NDS for Windows NT and is made by Novell.Source 6
The hacker world doesn't stand still. There is a new utility that allows an inexperienced hacker to seek out and exploit know holes in the Windows NT default security settings. This utility, called Ogre promises to be a powerful companion to L0PHTCRACK as it can easily find the systems that L0PHTCRACK can then exploit.Source 18
To their great embarrassment, the U.S. Navy found out what happens when you base something as mission critical as ship propulsion on something as fragile as the Windows NT operating system. In compliance with the U.S. Navy's current IT Standards Guidance document Source 20 the USS Yorktown had its propulsion system linked to the Windows NT operating system resulting in the warship being rendered immobile for over 2 hours when Windows NT crashed. According to Anthony DiGiorgio, a civilian engineer with the Atlantic Fleet Technical Support Center in Norfolk, "the NT operating system is the source of the Yorktown’s computer problems." Source 21
In a controlled test environment, a single 200mhz Pentium Pro based server running Novell Netware was able to provide 67,000 students with Internet service in a high volume school district.Source 7 Based on Microsoft’s own recommendations, you would have to have 20 Windows NT servers to accomplish this same feat.Source 8 Interestingly enough, some industry insiders have begun to question many of Microsoft's assertions since they have been caught exagerating or in some cases lying outright about their product and it's sucesses.Source 27
The inefficient nature of the NT operating system was clearly demonstrated in real world tests comparing an NT server at Travis High School and a Novell NetWare server at Austin High School. At Austin High, the Novell server operated at up to 18% utilization while serving 120 students with file and print services. At Travis High, the NT server operated at up to 100% utilization while serving only 57 accounts. (In this test, the NT server was given the advantage of running on a brand-new Dell 166mhz Pentium MMX while the Novell server ran on a 2 year old 133mhz regular Pentium.Source 9
Since Novell has been around much longer than NT, there are over 92,000 Novell Certified NetWare Administrators (CNA) and over 82,000 Novell Certified NetWare Engineers (CNE) available to fill positions.Source 10 (I know of at least 2 current AISD employee’s that hold current CNE and CNA certificates and one that is a Certified NetWare Instructor CNI.)
The current Fortune 500 infatuation with Windows NT places network administrators with NT certifications in a much higher salary bracket. Finding truly qualified NT admins, in a high tech marketplace like Austin, willing to work for the below-prevailing-average AISD wages will prove to be difficult. Inevitably, due to budget constraints, AISD will end up with fewer admins, or admins of lesser quality and experience.
In the small amount of data released from AISD’s network plans, it was revealed that due to well known bugs in Windows NT’s Dynamic Host Configuration Protocol (DHCP) Server, an additional UNIX file server will be required at each "server farm" to hand out Internet addresses. Not only does this require a significant investment in hardware to overcome a software "bug", but there are staff repercussions as well. Resources would have to be diverted to hiring UNIX administrators, or hiring Windows NT administrators that also have UNIX certifications. NT certified administrators with training in UNIX, are in such high demand that they command some of the highest salaries on the market.Source 11
At this point in time (November 1998), Novell holds an installed base of over 49% of the business file server market while Windows NT has just over 33%Source 17. As a quick method to see how problematic each of the operating systems was, I did a search on www.DejaNews.com, an Internet newsgroup search engine. Searching with the keywords "Novell" and "Problems" it returned about 2500 articles. Doing the same search with "NT" and "Problems" resulted in over 20,000 articles. So with only one third as many installed servers, NT was responsible for almost 10 times more posted problems.Source 12
The AISD currently holds many Novell server licenses. At the Novell TechShare 98 I attended, I found that Novell would be willing to upgrade these existing licenses and dramatically reduce the cost of acquiring software while maximizing AISD’s current investment in Novell technology.
With the delays in shipping NT5 (now renamed Windows 2000) and the improvements in Novell's offerings, even the industry pundits have begun to question the validity of dumping a Novell-based environment for an all NT approach. Close scrutiny of the the options available in todays WAN/LAN environments reveal that moving to NT, which was once considered a "no brainer", maybe isn't such a good idea.Source 23 Some are even expressing this opinion with in depth reports.Source 25 Even if a migration to NT V4 (the only one shipping) was done now, the inevitable migration to Windows 2000 will in itself pose a problem.Source 26
A purchase of Microsoft products for the entire AISD would represent a tiny fraction of the total business Microsoft will do in a year. Contrast that with Novell, a company hungry to attain success stories to bolster it’s market position.Source 13 An AISD purchase of Novell products would more than likely represent a major portion of Novell’s business and subsequently AISD would have tremendous bargaining power in negotiations.
Novell bundles free product enhancements that are not available at any price for Windows NT. Novell’s NetWare Directory Services (NDS) has been demonstrated to allow administrative responsibility to be portioned out to existing faculty members while increasing overall network security.Source 14 This not only lowers staffing requirements, but returns control of the network functions directly to the teachers who depend on it. Novell’s ZEN Works allows the individual classroom teacher to precisely control what programs are delivered to which student.Source 15 ZEN Works also offers automatic repair capabilities when a Windows program becomes corrupted or deleted. This product is so powerfull that it was recently selected Product Of The Year by Infoworld magazine.Source 24
Novell Intranetware is currently in use at Lanier, Travis and Austin High Schools. The systems in these schools have been refined by over 2 years of actual use by students in classroom environments. Many of the custom settings, utilities and procedures have already been defined. These things would have to be developed for Windows NT by highly trained (read expensive) NT Administrators and/or Consultants.
Novell NetWare was first introduced as a file server platform in the mid 1980’s. Over 10 years have gone into evolving a stable and effective file server. Windows NT (Which stands for New Technology) started as a workstation that was adapted to become a file server. This difference explains why Microsoft spends time developing and distributing bug fixes while Novell develops and releases new products.Source 16
After reading this, you might be wondering why I decided to devote a so much time in trying to explain the differences between these two competing systems. Frankly, its because I was amazed at the overwhelming evidence that clearly shows Novell to be the far better choice for the school environment. Though both operating systems have businesses as a target market, only Novell has the flexibility to be molded to fit the unique requirements of a school system.
This is not to say that the Windows NT operating system has no place in the AISD computer network, on the contrary the pervasive nature of Microsoft in general and the increasing market share Windows NT is gaining means that the students of today will more than likely encounter Windows NT in the future. By using NDS for NT., Windows NT servers can be safely added to school networks and used for web services, client/server and other emerging technologies.
The hands-on experience I had in trying to build and secure a school network based on NT, while battling the bugs and inefficiencies that came with it, gave me a preview of the problems that the AISD will encounter if an NT solution is decided upon. Simply put, using a tool like NT for a specific task makes sense. Using it to handle the bulk of network functions does not.
Vernon Graner CNE/CNA
SFA&THS Network Administrator
Vern@Graner.com
Office 512-328-8947