Management features are among the most significant aspects of a network operating system. The true on-going cost of an operating system can easily be measured in terms of administrative overhead. Therefore, having an excellent management sub-system will greatly reduce total cost of ownership. Features to look for include a strong, hierarchical, scalable, and extensible directory; excellent management tools; infrastructure to manage application deployment and user desktops; and a comprehensive security implementation to ensure data safety.
Windows 2000 Server provides the most integrated and comprehensive management solution. Active Directory is the most scalable, standards-based, and extensible solution of the three directories evaluated. Particularly impressive is the Microsoft Management Console (MMC) technology, which is the basis of all management tools. The most complete infrastructure to manage applications and desktops is provided. It features many unrivaled capabilities such as user data management (IntelliMirror), application installation services (Windows Installer), or remote operating system installation – features that are unmatched by the other two solutions. Provided in both Windows NT Server 4.0 and Windows 2000 is a Common Information Model (CIM) based on the WBEM standard. Via CIM, WMI allows management applications used by the administrator to access and control all managed devices, drivers, services, and applications in a single, consistent way. The management scripting and directory-enabled development implementation is also the most comprehensive. Windows 2000 is the only solution to support Kerberos, TLS, and smart card authentication and provide an encrypting file system for security.
In the area of management and directory services, Solaris 7 provides a fairly comprehensive solution. Sun Directory Services 3.1 provides a fully LDAP-enabled directory service implementation, which supports legacy NIS systems and RADIUS for remote access. Sun provides the Solaris Management Console 1.0 (SMC) for GUI-based management of local and remote systems, which isn’t as powerful or intuitive as Windows NT or Windows 2000 management tools. One area in which Solaris 7 seems to outperform Windows NT and Windows 2000 is remote management. While it is true that many powerful command line tools are available to remotely manage systems, these command-line tools have no GUI counterparts for the most part. Further, with the addition of Windows Script Host and Netsh to an already strong line-up of command-line tools, Windows NT and Windows 2000 can match the command-line capabilities of Solaris feature for feature. Solaris 7 does provide a feature-complete implementation of security tools. Kerberos V5, TLS, Smart Cards, X.509 Certificate Servers, 40-bit and 128-bit SSL are all available. However, there is no single tool or location that allows the administration of all aspects of security management.
Although it offers a good management infrastructure, Windows NT Server 4.0 falls into last place by its dated, non-extensible directory. It lacks key features in the other solutions, such as application distribution and management, user data management, and advanced authentication or encryption options. Its strongest points are GUI tools, MMC support, WBEM support, management scripting, and an excellent desktop management toolkit.
Feature Table
Feature
|
Solaris 7
|
Windows NT Server 4.0
|
Windows 2000 Server
|
Directory Services
|
|
|
■
|
Hierarchical Directory
|
■
|
□
|
■
|
Supports Partitioning
|
■
|
□
|
■
|
Multi-Master Replication
|
□
|
□
|
■
|
Catalog Services
|
□
|
□
|
■
|
Real-time Catalog/Directory Access
|
□
|
□
|
■
|
Same Security Model for Catalog & Native Directory
|
□
|
□
|
■
|
LDAP Support
|
■
|
□
|
■
|
Native LDAP Integration
|
■
|
□
|
■
|
LDAP & Directory Utilize Similar Naming
|
■
|
□
|
■
|
All Directory Interfaces LDAP-exposed
|
■
|
□
|
■
|
LDAP Uses Same Directory Security Model
|
■
|
□
|
■
|
DNS Support
|
■
|
■
|
■
|
Single Network Sign-On
|
■
|
■
|
■
|
Inheritance Model
|
Static
|
Static
|
Enhanced, Real-time Static
|
Included Development Model
|
□
|
□
|
■
|
Synchronization & Consolidation Platform
|
□
|
□
|
■
|
Management Infrastructure
|
|
|
|
Command-line Administration
|
■
|
■
|
■
|
Windows Administration / GUI Administration
|
■
|
■
|
■
|
Java-based Administration
|
■
|
□
|
□
|
Integrated Management Tools
|
■
|
■
|
■
|
Extensible Management Tools
|
■
|
■
|
■
|
SNMP Support
|
■
|
■
|
■
|
Management Scripting
|
■
|
■
|
■
|
Java Scripting Support
|
■
|
■
|
■
|
Visual Basic Scripting Support
|
□
|
■
|
■
|
JavaScript Scripting Support
|
■
|
■
|
■
|
Extensible Scripting Engine
|
□
|
■
|
■
|
WBEM Support
|
■
|
■
|
■
|
Application Deployment Services
|
■
|
□
|
■
|
Application Installation Services
|
■
|
□
|
■
|
Group Policy Services
|
□
|
■
|
■
|
Desktop Change & Configuration Management
|
|
|
|
User Data Management Services
|
□
|
□
|
■
|
Synchronization Between Client/Server of User Data
|
□
|
□
|
■
|
Desktop Application Management
|
■
|
□
|
■
|
Advertised Applications
|
□
|
□
|
■
|
Assigned Applications
|
□
|
□
|
■
|
Published Applications
|
□
|
□
|
■
|
User Settings Management
|
□
|
■
|
■
|
Define Desktop Settings for Users
|
□
|
■
|
■
|
Roaming User Support
|
□
|
■
|
■
|
Lock-down of User Desktop Settings
|
□
|
■
|
■
|
Remote Operating System Installation
|
■
|
□
|
■
|
Security
|
|
|
|
Kerberos Authentication
|
■
|
□
|
■
|
Transport Layer Security (TLS) Authentication
|
■
|
□
|
■
|
Smart Card Support
|
■
|
□
|
■
|
X.509 Certificate Server
|
■
|
■
|
■
|
Certificate Server / Directory Integration
|
■
|
□
|
■
|
Centralized Security Management
|
■
|
■
|
■
|
40-bit SSL Support
|
■
|
■
|
■
|
128-bit Strong SSL Support
|
■
|
■
|
■
|
File System Encryption
|
■
|
□
|
■
|
|
