Boxing Clever
As if all this Internet stuff wasn't complicated enough. Before youeven start, you must tackle the thorny issue of hardware platforms. Andthat, says Sean Hallahan, is assuming you can find a reseller to sell youone.
No hardware announcement is complete these days without at least a ritualistic bow towards the Internet. Selecting a hardware platform is difficult for customers, and selling one is equally difficult for resellers.
A number of key issues need to be considered before deciding on a machine or operating system. Sizing the system is one of the hardest problems, according to Chris Gale, Sun Internet and intranet product manager. Because Internet and intranet technology is moving so fast, today's solution may not be adequate next year, he says.
Scalability is also a key issue - Gale's advice is to go for bigger rather than smaller processor and storage devices. 'It is difficult to size the scope of the project. If on an intranet you put up the internal telephone directory, you do not know how many people are going to access it and with what frequency or what the size of it will be next year,' he says.
Because Internet technology is moving faster than any other development in the history of computing - with the possible exception of semiconductor technology - it is necessary to take account of the future. 'You have to take account of the rate of change - which is not only growing fast, but exponentially - and realise that people are going to want to take advantage of sound, video and movie clips,' says Gale.
Some independent observers argue the IT world is returning to the traditional data centre world of the 60s and 70s, and this will have a significant impact in the choice of Internet server and associated hardware. UK consultancy Bloor Research argues in a recent report - The Enterprise by Other Means: An Analysis of the Return to Centralised Computing - that the thin client, or network computer, will become the standard terminal for Internet users, and that massively parallel processing (MPP) machines will become the server.
'The major conclusion of this report is that we will see MPP hardware gradually eat into the server space and that the client will become thin.
It is important to emphasise here that the operating system on the client no longer matters much. The only important thing about the client is that it speaks the application level protocols of the Internet and provides an appropriate execution environment for the executable languages of the Internet - Java and possibly Active X,' says the report.
The report adds: 'We still need to be concerned with the OS on the server hardware.' Like Gale, Bloor Research believes scalability is the key issue in the selection of hardware and operating system for the Internet server. 'Scalability is intrinsically linked to flexibility. There is no point in having a scalable system which is only capable of scaling for a limited range of workloads that do not represent the range of workloads imposed by real enterprise applications.
'Scaling is also tied to configurability; there is no point in system scaling if it requires a systems analyst with a brain the size of a planet,' the report says.
Arguably the selection of the hardware is less important than the scalability and flexibility of the operating systems it runs. Bloor Research suggests several suitable potential Net server OSs: IBM's MVS and AS/400, Digital's VMS, various flavours of Unix and IBM's OS/2, Novell's Netware SMP and MS' Windows NT.
The report comes to no firm conclusions on which of the proprietary operating environments is best suited to the Net. But it inclines towards Unix because 'we have some confidence in the ability of Unix to scale, based upon our understanding of its scheduling and the management of resources'.
Netware SMP (symmetrical multiprocessing) appears to offer scalability, but is as yet untested, the report concludes. Windows NT is not totally discounted, but the report advises caution. 'As far as Windows NT is concerned, implementations on MPP-type configurations are not yet available.
There is some anecdotal evidence that it does not scale well on SMP and, presumably, NUMA systems. The announcement of a clustered version of Windows NT may be a warning,' it says.
There is one other critical factor in selecting a Web server - continuous availability. As Arthur Parker, head of IBM's Systems 390 mainframe group, points out, continuous availability is vital once trading begins on the Web. It may be an inconvenience if someone is trying to access a Web site purely for information, and is unable to gain access because the system is down. It is quite another if they wish to place an order with a company trading on the Web. 'The big reality is that the Web never sleeps, and if you are going to have 24-hour, seven-day operating, then Unix is probably the best bet at the moment,' says Robin Bloor, chairman of Bloor Research.
In the past it has been possible to take a system off-line, usually overnight or at weekends, to carry out essential maintenance or software and hardware upgrades. But the 24-hour, seven-day operation of the Internet makes this unfeasible. Viktor Rosenqvist, Digital Internet business development manager, believes the issue of high availability is even more critical than sizing the machine, although he acknowledges sizing is also important.
Digital's solution to high availability is to rely on its clustering technology which it promoted more heavily than many other companies.
Clustering together Digital Vax or Alpha machines means data can be swapped between boxes without any degradation of service to the user, in the event of a component failure, or the necessity to upgrade.
But Digital is not the only company to adopt clustering, says Bloor.
IBM, Hewlett Packard, Sequent and other vendors have also recognised the necessity for high-availability systems. 'Clustered environments offer a way forward, and with Wolfpack (Microsoft's codename for clustering NT) you will be able to cluster NT.'
Security is also a major issue, both to prevent unauthorised access and to prevent the downloading of viruses via electronic mail, for example.
Gale believes many companies will want to use a separate machine as a security firewall between the server and the users terminal or PC. Bloor and Rosenqvist also argue that a separate machine should act as a firewall between the users and the Internet.
There are, of course, alternatives to buying two processors, and some products on the market already have security features built into them.
According to Rosenqvist, Digital offers three levels of security: a separate processor, a software solution and a PC-based firewall. The level of security required naturally depends on the customer's type of business.
In a clustering environment a disk drive could operate as a security firewall, according to Bloor. Comms company US Robotics, which supplies modems, bridges and routers, incorporates features in its remote access chassis, which runs under NT, that off-load security features from the processor. Lotus Notes, rather more by accident than design, contains high-level security features, says Bloor. But it is likely that the large commercial users will opt for a second processor as a firewall. 'If you look at the big banks and the defence industry, they do not let a single wire into the building unless it is totally unconnected to any other machine.'
Although hardware manufacturers have a vested interest in selling additional processors as a security system, the falling price of hardware means the idea is more appealing than it used to be. Earlier this year, IBM launched its latest range of System 390 machines, including the low-end Multiprise 2000.
The Multiprise 2000 is aimed at medium-sized companies. IBM tore up its price list for mainframes a few years ago, but the Multiprise 2000 is likely to be price/performance comparable to any existing mid-range system.
It is a machine Bloor regards as the perfect host for a security firewall.
One of the attractions of using a machine like the Multiprise 2000 as a security blanket is that it runs mainframe operating systems, such as MVS and VM, which were developed over 20 years ago. The fact that they are still in use today, and that they are used by large financial institutions and other large customers, means the security on the systems has been tuned to a very high level.
IBM has a number of security features already in place on the mainframe.
RACF (resource access control facility) is a security access and control system designed to allow access to data and disks only to those users that have authorisation. It also records any attempt, successful or unsuccessful, to access protected data, identifying the user ID and the terminal from which the attempt was made.
Another security product, Net/SP, operates on Dos, AIX and OS/2, and connects with RACF. As the Handbook of IBM Terminology, produced by consultancy Xephon, puts it: 'IBM is touting the Net/SP secured network gateway on an RS/6000 as enabling corporate users to set up a firewall between corporate systems and cyberpirates, propeller heads and other socially undesirable types who infest the Internet (allegedly).'
Even though IBM believes products like RACF and Net/SP guarantee a high level of security, from next year it will introduce a cryptographic co-processor for the System 390 products. IBM argues the co-processor is not really necessary, as RACF and other security products adequately take care of any problems, but it agreed to the extra firewall at the request of its customers.
It is hard to believe, because of the high profile of the Internet, that the technology is actually still in its infancy and its standards are still being defined. Although many companies are committed to it, the Net is not yet a critical technology for most European firms. But observers like Bloor believe it will become so in the future.
The vested interests of hardware vendors in selling more boxes notwithstanding, the advice to buy a larger machine than required is eminently sensible.
The rate of technology development of the Internet and intranet is moving at a faster pace than at any other time computing's history. According to the Bloor Research report, software investment in the intranet has now exceeded that of the Internet itself.
Sun's Java language lies at the heart of the intranet and Internet, and all the major vendors are committed to it, from IBM downwards. Operating systems which were once proprietary - such as IBM's MVS, Digital's VMS, and HP's MPE - are now increasingly open. In IBM's latest mainframe announcement, the firm provides a Unix or NT look and feel to the user, while MVS takes care of features such as systems management and data security and integrity in the background.
There are still a number of issues to be sorted out before a full-blooded Internet solution is a reality. In the US, some firms are already doing business via the Net, but the take-up in Europe, as usual, has been slower.
The Internet is a truly open system, whether it is running Unix or an old proprietary OS. The hardware scarcely matters to the customer and Net user. What matters is getting the right size of box for the applications coming on stream; that the technology matures; and what security features the operating system can offer.