The Solaris Enterprise Server, which hasn’t been officially released yet, takes the opposite approach from a departmental Windows NT server and is instead designed to run business-critical applications and e-commerce solutions in a high-traffic situation.
Intranet managers will note the many tools designed for network deployment. Clustering technology provides high availability for database applications, application servers and standard applications. A Resource Manager enforces system performance by allocating resources efficiently on the network, while the Bandwidth Manager prevents IP congestion by efficient routing based on mission-critical needs. A disk manager allows for a tight control over disk usage, including the online expansion of file systems, file concatenation, disk striping, hot spares, UFS logging, and RAID level 5 support. In addition, the Enterprise Server adds advanced security functionality, with authentication based on Kerberos V5.
However, like the Easy Access Server, the Enterprise Server lacks many of the basic Internet services that most sites would recognize as being essential, such as a Web server and a news server. Still, for the enterprise that plans on a lot of intense database work or application-server deployment, the Enterprise Server adds the authentication and load-balancing tools essential for this level of usage; just don’t be surprised when you need to install and perhaps pay for a Web server and other Internet software.
Solaris ISP Server
The Web server, missing from the above two servers, is of course the centerpiece of the Solaris ISP Server package. Designed for Internet Service Providers (ISPs), it’s also worth a second look for system administrators focusing on Internet services. The Internet Administrator tool is used for browser-based installation and administration as well as configuration replication. (However, you’re never too far away from UNIX — a command line is also supported.) The Host Configuration application disables standard Solaris services (such as rlogin or fingerd) that don’t mesh with other services. If you choose to deploy the Sun Web server, news server and FTP server (more on that later), you’ll have three tools that are integrated with the system authentication directory service as well as featuring uniform Web-based administration. In addition, the software includes replicable install/uninstall capabilities, intrusion detection, server process monitoring and log-file management.
Most noteworthy is the added security features in the Solaris ISP, designed to deter outside users from prying into areas where they lack proper authorization. Users expect that personal information stored on their ISP account will remain private — including mail archives and billing information — so security is of paramount concern in the ISP world. Pluggable authentication modules enable different authentication methods for different users and different services, while access controls enable the delegation of management access. In other words, users can have access to specified management tools without being given root access. Of course, with this power comes responsibility, as management functions are logged automatically.
For situations where multiple servers are administered, the SunScreen SKIP software provides secure server-to-server IP-layer encryption.
In addition, the Solaris for ISPs bundle includes the aforementioned Sun Directory Services, used to provide LDAP directory information, including user-access and privileges data. The Internet Services Monitor works with six Internet protocols (HTTP, IMAP4, POP3, SMTP, NNTP and LDAP) and issues reports on performance metrics.
Not that there’s anything wrong with the Sun offerings for Web, news and FTP access, but they tend not to be on the cutting edge. The Web server is a rather vanilla server that does support HTTP 1.1, virtual hosts, content negotiation and the Secure Sockets Layer (SSL) 3.0. It can, however, be scaled on a single machine by enabling multiple server processes managed by a single, common administrative GUI. In a concession to the realities of the marketplace, you’ll find support for the Microsoft FrontPage extensions. And, as you might expect, there’s some decent support for Java with the Java Servlet Development Kit.
The news server is similarly competent. It’s set up using a Web-based configuration tool, and for further maintenance you can choose between the Web-based GUI or the InterNetNews (INN) command-line interface. By separating the news feed and the connection into separate processes, the news server can scale to thousands of simultaneous, multithreaded connections.
Finally, the FTP server supports IP-based virtual hosting as well as permissions based on the LDAP information.
However, there is one limitation to the ISP bundle that may prove to be annoying at best and very expensive at worst. You’re not actually given all three servers — a Web server, a news server and an FTP server — when you enter into a license agreement. You have your choice of one of the three with the basic Solaris for ISPs agreement; if you want the other two, you’ll need to pay extra, since they are considered add-ons. (Unfortunately, for an ISP all three are essential — an ISP would quickly go out of business if it didn’t offer Usenet newsgroups, FTP services or Web access.) This means you’ll likely need to cough up some extra cash
Since you can easily download and configure the Apache HTTP Server on a Solaris system — or go with the Netscape Enterprise Server if you’re more comfortable with a commercially supported server — your real choice is between the FTP and news servers. Again, there are a slew of good commercialware news servers that can be downloaded from the Internet and then purchased (such as the popular DNEWS News Server), while there’s not a wide selection of open-source or freeware FTP servers for Sun Solaris.