When the goal is better security and reduced management costs, Microsoft chooses to scrap the GUI.
There is irony in the fact that IBM--and its Business Partners--are charging ahead as fast as they can to put a GUI onto everything related to IBM i (i5/OS) while Microsoft, in its latest version of Windows Server 2008, is actually removing the GUI.
The successor to Windows Server 2003, Windows Server 2008 was released in late February with new technical, security, management, and administrative features. These include such things as a rewritten networking stack with native IPv6 and native wireless functions, improved diagnostics and reporting tools, new security features such as Bitlocker and ASLR, a better firewall, .NET Framework 3.0 technologies, as well as core kernel, memory, and file system improvements.
Among the stand-up-and-take-notice features of Windows Server 2008 is an installation variant called Server Core. Useful for server roles such as Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS), as a DHCP or DNS server, or for file or print services, a Server Core installation may be suitable as well for streaming media, Internet Information Services (IIS), or Windows virtualization. (Hyper-V virtual server is still in beta and expected to be available by this fall).
Server Core installation of Windows Server 2008 doesn't include the traditional full GUI. This makes managing the server a bit different in that you can only do so locally at a command prompt or remotely through a terminal server connection. There is, however, the option to use the Microsoft Management Console (MMC) and, I suppose, command prompt tools that may support remote use.
Why did Microsoft abandon its cherished GUI in Windows Server 2008 Server Core? For one thing, it greatly reduces maintenance since there is a need for fewer updates. Less maintenance means reduced management. Isn't that what IBM has been trying to tell customers of the Power Systems i Edition (System i) for quite some time now? Let's see, could the third reason that Microsoft decided to bag the GUI with Server Core have anything to do with security? Why yes! Doing so reduces the attack surface, or scope of functionality available to unauthenticated users. Isn't the Power Systems i Edition known for its superior security features and resilience to viruses and malware? Could it have anything to do with this issue of user interface?
Let's look at a few commands in the Server Core installation of Windows Server 2008, arguably the most modern, non-legacy, thought-out, security-minded, Internet-savvy, virtualization-ready operating system on the market today. To add a user to the local administrators group, one types this at the command prompt:
net localgroup Administrators /delete
<domainusername>
To install an optional feature:
start /w ocsetup <featurename>
Existing features have already been given names like FailoverCluster-Core or NetworkLoadBalancingHeadlessServer.
If you want to reboot the server, you type this at the command prompt:
shutdown /r /t 0
Does this sound like the traditional drag-and-click GUI that people have come to know and love? No! Why? Because it's more stable and more secure. Thank you.
Granted, it's just Server Core, a significantly scaled-back installation of Windows Server 2008 that has no Windows Explorer shell, but the implications of Microsoft's chosen implementation, and the reasons behind it, speak volumes about IBM's position with regard to i5/OS, or IBM i.
All right, so the point is made. Let's talk a little about other features of Windows Server 2008, in particular Windows Server Hyper-V. This built-in hypervisor-based server virtualization technology allows users to consolidate multiple server roles as separate virtual machines running on a single virtual machine. It also allows the user to run multiple operating systems, such as Windows, Linux, and others, in parallel on a single server. The benefit is expected to be cost savings through special Hyper-V licensing policies. Applications also can be virtualized using the operating system's centralized application access technologies. Remote access to standard Windows applications can be obtained from anywhere without a virtual private network by using Microsoft's Terminal Services Gateway and Terminal Services RemoteApp.
The only issue is that Microsoft is still working on its virtualization technology, and users get a beta version of Hyper-V with Windows Server 2008. The GA release is promised within 180 days of the operating system's release, which was last February 27, so we're probably looking at around September 1. Is it likely to still have bugs? Let's see, did Vista continue to have problems after its GA release?
I need not mention here that PowerVM is the outgrowth of Advanced POWER Virtualization, a proven IBM virtualization technology. Granted, not all PowerVM features are available on all Power Systems models (for a complete feature rundown, click here), but the fact that PowerVM is available on Express Models 520 and 550 as well as the BladeCenter servers, Models JS12 and JS22, means that virtualization technology is available to the SMB market that otherwise might want to consolidate through Windows Server 2008.
Do you get the feeling that there really isn't as large a philosophical gap between the platforms here as we once thought? It's really more a question of what works, what is going to be secure, and how much money the user is going to make or save by upgrading. The whole argument of "old versus modern technology" may have just evaporated.
LATEST COMMENTS
MC Press Online