Enterprise Unix Roundup: Sun From Behind the Clouds
Months and months ago, Sun staged a press conference to let the world know about Project Orion: a "software train" of tightly integrated apps and innovative licensing that would revolutionize the way software is bought and (although it wasn't quite phrased this way) put Sun back in the game after an unseemly period of post-bust disorientation. Sun's software train has pulled into the depot with a new name. Michael Hall checks out the routes and fares, and offers insight on where it may be going. ssh and sendmail were bitten by bugs this week, and we offer a tip for checking ssh config files.
At the time, anyone who asked us whether Orion would do much good for Sun didn't get a "yes" or "no" answer. All we had to say was, "It'd better." There wasn't much more to say, especially since Sun wasn't telling anyone what anything was going to cost, or what exactly it was offering at all. We went back to fishing while Sun spent an apparently productive summer cutting bait.
At the SunNetwork 2003 Conference this week, Orion was finally unveiled as the "Sun Java Enterprise System," and we're content to say that the company is at least looking a little more clear-eyed than it did at the beginning of the year, clear-eyed enough that the moves Sun is making have gone from what we'd call "lurching," or perhaps "disoriented," to "engaged" and "focused."
So what does the long-awaited Orion, excuse us, Sun Java Enterprise System (JES), amount to? Essentially, the company has pared away the "death of 1,000 cuts" approach to software sales by introducing a $100 per employee/per year offering that provides a stack of services without a lot of haggling over each piece of the solution. The stack includes directory, identity, messaging, instant messaging, clustering, portal, and calendar services.
Intrigued, we fired up our spreadsheets, laden with data about an imaginary company, and found that JES' pricing is, well, easier to figure out than managing a hodgepodge of "$X for Y users" licenses, at least.
Some might argue that there are nuances involved here, especially as companies grow in size, and Sun's allowed for that, as well, by sweetening the pot for organizations with 1,000, 5,000, and 20,000 employees. Organizations of those sizes get an increasing amount of support, service, and training credits thrown in. Renewal costs are capped at 5 percent per year.
On the positive side, we see this as Sun managing to do for sales what it's always gotten credit for in product: tight packaging and a clean sense of interlocking parts.
On the other hand, we're inclined to reiterate concerns we had back in the dog IT days of July when we said "If customers begin to feel like an across-the-board Sun solution is being snuck under the door in the form of 'pre-integrated' servers, they'll look even more carefully at the alternatives," meaning $100 per employee/per year is competitive for companies buying whole enchiladas, not necessarily those buying separate quantities of beans, tostadas, and lettuce.
So our bold prediction is that JES is probably just the ticket for Sun to shore up its existing customer base and staunch the blood loss it suffered while it staggered around by the side of the post-boom highway.
We'll take our turn cutting bait while Sun fishes: Whether JES gets more customers or not is anyone's guess, and we're still saying "it'd better."
Why do we say "it'd better?" One other bit of Sun news, grudgingly confirmed in what should have been a week of product announcements and general enthusiasm for second winds, was the unaddressed irony of all the talk about how software sales have been simplified: Sun has been quietly engaging in layoffs during the past week, cutting upward of 1,000 workers, many from its sales department. Sun reportedly chalked the matter up to "selected workforce adjustments," which must be why Scott McNealy was assuring reporters that Sun wouldn't be undergoing more layoffs in a Q&A after his SunNetwork keynote at the beginning of the week.
This is usually the point in the column where we'd segue over to "In Other News," but Sun has pretty much owned the Unix headlines as far as the past few days are concerned, and we need to get a little more out of the way where it's concerned (and confess that our crystal ball was a little foggy).
Unwrapping Mad Hatter
In addition to launching the Java Enterprise System, Sun also took the wraps off what had been called "Mad Hatter" and is now to be sold as the "Java Desktop System" (JDS). The launch contributed to our sense of Sun's newfound agressiveness, since there's no way around the fact that Sun wants a piece of Microsoft on the desktop. JDS is essentially a repackaging of several open source mainstays (the Mozilla browser, the GNOME desktop, Ximian's Evolution PIM/mail client, and Sun's own StarOffice application suite) into an appropriately slick desktop package Sun is selling for the flat rate of $100 (even less for JES purchasers). Some cosmetic modifications to Java's look allow Java apps to integrate with the GNOME desktop's native GTK+ toolkit, and the whole thing is further tied in to the big Sun picture through identity and directory services integration. The whole offering sits atop a modified Linux distribution running on commodity x86 hardware with modest specifications (Sun claims a 266 Mhz Pentium Pro would be adequate).
Our take on the prospects of this offering are less sanguine than they are for the broader JES picture. The desktop market is a jagged reef against which plenty of players have dashed themselves. The extent to which other Unix players have taken a look at the same suite of software during the past few years and politely declined direct engagement with Microsoft in this market (IBM springs to mind) is noteworthy. Linux cheerleaders will be happy to see yet another Big Company tackling their most hated enemy (oh, wait, that's SCO lately), but we suspect there will be much squawking and tooth-pulling before Linux desktops are widespread in many enterprises beyond the engineer and geek pools.
What was that we said about a foggy crystal ball? It turns out that the foundation operating system for the JDS desktop isn't Red Hat's Linux (which Linux watchers far more attuned than we maintained right up until this week), but that of the German company SuSE. We'll own up to being mildly surprised.
SuSE turns out a fine desktop product all on its own, but it's largely an also-ran in the United States, where Red Hat is much more popular for both commodity servers and desktop systems. Where Red Hat has made moves against Sun by driving the "toss SPARC and Solaris and head over to Dell and Linux" train, SuSE has been quietly working the Linux-on-mainframe angle. We remember Sun fussing about mainframes a few years ago, after IBM earned a few high-profile contracts that cost Sun customers, but SuSE's limited presence in the United States) just isn't the same threat as Red Hat.
Hence, Sun's choice makes sense.
Another winner in all this desktop stuff, by the way, continues to be Ximian, Novell's recent acquisition. Its Outlook-like Evolution software is finding its way onto more and more desktops, making it the de facto modern Unix mail and calendaring client. To no small extent, Novell is a company poised to make mischief for Sun's JSE plans with its own arrival in the Unix world and dreams of the services to be sold there.
The past few weeks have been quiet as far as major security news, but in the past two days some rather ugly bugs reared their heads in two Unix-land mainstays: ssh and sendmail. Both bugs are remotely exploitable, which means they aren't run-of-the-mill "malicious user gets really lucky and crashes a daemon" sorts of problems; they could expose systems to compromise by outside attackers.
The ssh flaw bears close scrutiny, even if you think it's already been patched: Not long after the initial report (and widespread release of patches from several vendors and distributors), the OpenSSH team found yet another problem and released a second patch. Make sure you reconcile what you're running with the latest news from the OpenSSH web site, or check back with your vendor.
The sendmail bug has also been widely patched. Check your vendor or distributor. If they haven't patched it yet, there's always sendmail's homepage for the source.
Tips of the Trade
Since ssh is on our mind this week:
If you're like us and have several machines to access via ssh, each with different user names, or maybe lengthy host names, you should check out your ssh config file, which usually lives under ".ssh" in your home directory ("~/.ssh/config", in other words). An ssh config file offers a number of options, but here's a way to shorten a host name and specify your username.
Assume our local user name is "bob," and we'd ordinarily login to the machine reallylonghostname.ourcompany.net with the username "slartibartfast." Without a config file, the login command would look something like:
ssh -l slartibartfast reallylonghostname.ourcompany.com
Add these lines to ~/.ssh/config:
host webserver hostname reallylonghostname.ourcompany.com user slartibartfast
Then try the login command:
Add as many of these as you have hosts to get at, and suddenly, ssh takes far less typing.