Enterprise Unix Roundup — Sun's DDoS PR Attack

By Michael Hall (Send Email)
Posted Jun 3, 2004

Main     In Other News     Security Roundup     Tips of the Trade
Sun spills more details about JES, reveals licensing tweaks, and lays the groundwork for the fall rollout of Solaris 10. We sum up the most ear-grabbing sound bites. With chroot, you can lock up exploitable services in their own secure jail, keeping the rest of your system safe from harm.

It's been almost a year since we first wrote about Sun's Java Enterprise System (JES) as it rolled out of the long tunnel of pre-announcements and "we can't tell you what it is, but it'll be innovative" press conferences. At the time, it seemed like a positive plan for a company struggling to make its way out of a bad slump. What it was missing, and what eventually got filled in, was a realization that the commodity server came of age during the downturn.

So here we are, nearly 18 months after the first announcements of what was to become JES, and Sun's been busy making announcements as it fills out even more details, tweaks licensing, and lays the groundwork for the Solaris 10 rollout scheduled for this fall. As befits Sun's occasional press strategy of sending out senior executives to incite minor riots and get the tech punditocracy a twitter, a few ear-grabbing sound bites were emitted from Sun headquarters this week.

On the hardware side, Sun issued two major sets of announcements:

  • The company's first Opteron-based workstation, code-named "Metropolis," is expected to be available next month. The system sports dual Opterons and will run either the Linux-based Java Desktop System or Solaris 10 for x86. Sun also announced the Netra 440, which has quad 1.28GHz UltraSparc IIIi's in a 5U form-factor, and the SCSI-based StorEdge 3120, which is capable of supporting more than half a terabyte of storage.
  • As we reported back in October 2003, Sun and Fujitsu have agreed to merge their Solaris and SPARC-based server lines by 2006. The two companies will share distribution channels with each other. The partnership spells the end of the Sun Fire line, as both companies are jointly developing the "Advanced Product Line" (APL), which will replace Sun's efforts on the now defunct UltraSPARC V.

On the licensing front, Sun had a few things to offer:

  • The company is going to start providing licenses to developing nations based on UN population and development data. Estimates place the cost-per-citizen at anywhere from $0.33 to $1.99 (in U.S. dollars), with the deal limited to developing countries, not developed nations. The license cost will include Level 3 tech support. According to Sun, the per-citizen pricing works better for governmental organizations with fewer computer-using employees than Sun's traditional per-employee pricing. An endeavor to attract attention in this area is pretty much a no-brainer for the company: Linux is doing well in developing nations because it doesn't cost anything, and Microsoft is trying to do well in developing nations by offering cut-rate pricing — depending on how high profile the potential Linux incursion is. And why not? No matter how much sobriety the average tech company can feign, when confronted with the prospect of reaping mini-booms all over the globe (and possibly locking up emerging tech markets at the same time) they clearly get a little shaky. For Sun, this is even more of an imperative because it's coming into the commodity server market in the United States a little late.
  • The company is expanding its subscription-based services in terms of hardware. Customers used to buy a server, take it back to the data center, and put cool skateboard stickers all over it. Now, Sun is pushing a pay-as-you-go approach to hardware. Its Sun Utility Computing for StorEdge systems will work on a pay-for-use basis. Some reports indicate rates will be about 2 cents per MB per month, including support.
  • Sun also announced its Sun Preventive Services program. The program works by performing some baseline diagnostics on a customer's network, then provides an action plan to correct deficiencies and plug holes in security. As with past Sun services programs, initially only Sun systems be supported. The package will expand to iForce partners this winter, then bring in non-Sun systems next May.

Finally, on the operating system and software front, Sun had a few announcements:

  • The company announced its Dynamic File System (DFS) is available for Solaris 10. DFS is meant to answer the challenges posed by adding disk space to a system that eliminates the need for logical volume managers (LVMs) found in other operating systems. DFS uses virtual storage pools and provides a continual verification of checksummed data across mirrored pools to ensure file integrity. It includes a number of monitoring and repair enhancements and automates parts of the process of adding storage to a pool. According to the company, tasks that took 40 minutes under other methods of disk management can now take as little as 10 seconds. We'll await confirmation from the field on that.
  • Solaris 10 is also picking up what Sun calls "Process Rights Management," a variation on the classic Unix users/groups security paradigm similar to the mandatory access control scheme found in the NSA-funded SELinux. Administrators or even ISVs will be able to assign privileges to applications, providing a more granular approach to security. The functionality is pulled from Trusted Solaris, Sun's more secure operating system offering.
  • Sun also updated its Linux-based Java Desktop System (JDS). JDS is available for $50 per desktop or $25 per employee until December 2004. According to Sun, most of the changes benefit IT managers: remote management, centralized policy and configuration management, and maintenance. Very little has been updated in the user software portion of JDS.

The Week in "Just About Being Quotable"

When it's announcement time for Sun, the senior executives are often spotted out throwing elbows to get good media churn going. This week, operating system buffs and hardware enthusiasts alike were given something to ponder.

Sun's president and COO Jonathan Schwartz was widely quoted as saying it's only a matter of time before Sun makes Solaris open source:

"I don't want to say when that will happen. But make no mistake, we will open source Solaris," he said. Schwartz noted that the company is looking for the best way to license the offering and hinted broadly that the GNU Public License is probably out, as he maintains Linux is a little too free for Sun's comfort.

Three years ago, this would have been like Nixon going to China. Now? Sun is pushing hard to get into services and subscriptions, and it clearly understands that at some point a free alternative to a proprietary product will be feature-identical. Why not open up Solaris' source? It's only a matter of time before the operating system doesn't offer anything users can't find in Linux or a BSD.

The other notable quotable from Mr. Schwartz came in an interview with Reuters:

"In our world, you will subscribe to the software and the hardware is free," he said, which caused a lot of 'net wags to note that Bill Gates has been spotted saying similarly hopeful things. Once again, it makes sense for a company pushing services, though we'll admit we never expected Sun to fall quite that head over heels in love with commodity hardware.

>> To Other News
>> To Security Roundup
>> To Tips of the Trade

Page 1 of 2

Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.