Comparing software products can be approached in many ways. Different organizations have different concerns. For some money is a major factor, for others support or the richness of an application’s feature set. Everyone wants the moon on a stick for $24.99, but in the end we will all eventually compromise. When looking at any …
You could have started learning un*x 30-odd years ago.
Totally modern desktop, all mod-cons, no need to re-learn things as simple as installation procedures every couple of years. What's not to like?
30 odd years ago? Difficult to learn something before you were conceived. For the record though, I do a lot of Linux work. Just not on the desktop, as we have industry specific applications with no Linux alternative, not enough money in house to re-code them, and vendors with no motivation to port to Linux.
Welcome to working for an SME…
Today's yoof ... no scope at all.
"Difficult to learn something before you were conceived."
Maybe that was my point? Some of us have been doing this for a very long time, at least in human terms. Marketing hasn't corrupted all of us ...
"For the record though, I do a lot of Linux work. Just not on the desktop, as we have industry specific applications with no Linux alternative, not enough money in house to re-code them, and vendors with no motivation to port to Linux."
My own dozen or so businesses software needs have been handled nicely by un*x for a couple decades now. Your "lack of alternatives", to me, reads "short sighted developers".
"Welcome to working for an SME…"
You are young. Eventually, you will learn how to make SMBs work for you. Maybe.
Have ever considered, just the once, that there might be room in this world for philosophies and approaches different than your own? You make a blanket judgment that I have been "corrupted by marketing." I have to disagree; I am platform agnostic, and a sceptic of all platforms, regardless of origin or publisher.
I simply see value (and faults) in all offerings available. Windows has it's place, as does OSX, Unix or Linux.
Not everyone has all the alternatives available to them. You might read “lack of alternatives” as “short sighted developers,” and you may well be right. Your being right or wrong about this doesn’t do a thing to enhance the number of options available to me. I am not a programmer. I can script, largely in varied languages beginning with a P, but I am not capable of sitting down and re-writing an industry specific application with two decades of development behind it. My specialty is lashing together systems that were never designed to interoperate, and doing so on as narrow a budget as humanly possible.
I can appreciate you are older, with a great deal of Unix and Linux experience, but why the evangelical approach to commenting? Is there no room in your world for different approaches to problem resolution than that which you prefer? I simply fail to understand why you are consistently adversarial.
If I have offended you in some way to cause this, I apologise.
"Ghost is not that expensive"
(BTW I totally agree with jake above)
Back in the days of Ghost 4 (or thereabouts) I made a name for myself by reminding my colleagues at corporate headquarters that Ghost was licensed per machine, not per IT tech.
Their management looked at the license conditions, realized there is no way to prove a machine HASN'T been ghosted and as there were already ghosted machines on the campus decided they were obliged to purchase a license for every machine in the company - ghosted or not.
Many thousands of unbudgeted dollars spent because a couple of desktop techs had a good idea.
Not perhaps the best way way for someone in a branch office on another continent to introduce himself to corporate management, but I did remain an employee several years longer than my above-mentioned colleagues.
Ghost's volume licensing is actually really fair. Sure, if you are buying one license it's $50 a machine, but it scales down to $16 a machine pretty fast. It's not perfect, and to be honest with you in my production environment I am going to end up using FOG and Clonezilla mostly due to cost.
Still, for anyone with a moderate budget Ghost is actually pretty cheap. It's easy to use, feature rich, and training time is virtually non existent if the IT staffer has more than 12 brain cells to rub together.
Every environment is different of course; I’ll be honest, I wish I had the money for a full blown SCCM, Altris of KACE deployment. I don’t. I barely have the money for ghost on my critical boxes; I absolutely rely on open source offerings for everything else.
Yet I have several sysadmin friends not so budget-constrained; they build the cost of ghost into every metal box they buy. For them, it’s as much a part of the base system build as the OS or Antivirus package. Each environment is unique, and while I can offer advice...there is no “one perfect solution” or “one perfect way of doing things.”
I will agree though that the smaller the business, the less sense ghost makes. At $50 a pop, Ghost looks really unattractive. At $16 a crack, that’s a cost per system that I can swallow.
When faced real enterprise-class competition from both FOG and Clonezilla, it is my opinion that Symantec need to very closely re-examine their SME pricing for Symantec Ghost Solution Suite.
What about scripted software installs
My environment has over 400 Titles of Educational software. Each classroom has a different need and so does each child. We have to prepare scripted installs of each piece of software, typically creating msi's. This article doesn't fully accommodate the need of preparing software for delivery after the imaging process. If your solution is to just build images, how do you handle an environment with 400 titles of software that is not needed by everyone. Are you going to make an image for every combination of need. You should accurately represent the merit of repackaging and scripting the installs of software. This article speaks only to those who don't have dynamic environments. K-12 institutions like mine have to jump when needed and install that new piece of education software in a nonadmin-privileged environment. Scripted silent installs of software is a foundational need. How else are you going to deploy software? We have been using a product called Altiris. We have the ability to repackage a piece of software, and in a console-control panel called eXpress.exe simply drop the software package icon on to a host of computers or one and our silent scripting does the rest. Now we could make images that include installed software, but why for 1 piece of software? We have 4000 computers are we to reimage for every software need?
There is another article by me around here somewhere, (or there will be soon) that talks about scripted installs. (It was part of this set.) Long story short; Microsoft is abandoning scripted installs in favour of imaging. It is done, dead, kaput. Also; RIS was a pain in the...
...that said, there is an open source application called WINNER. The website sort of looks like it might be a terrible Phishing experiment gone wrong, but the application is absolutely fantastic. Easy to use, works great...you won't be disappointed.
Altris was simply out of my price range to review. I can only review what I can get my grubby little mitts on, and I work for a small business. I dram one day of being able to afford it, but like anything VMWare that isn’t the bare-bones ESXi…that’s just not going happen.
Also bear in mind that application deployment can be done through Active Directory, or Novell’s excellent offerings. There are other systems management applications that play on an enterprise scale that can allow you to deploy applications as well.
We use Wyse clients as our physical desktops, with our staff RDPing into VMs for their real work. Wyse offers some neat tools to deploy applications to their thin clients, should you ever have the need, and they are Really Frakking Cool to play with. :D. I am still getting over the “hurray” of having tiny, solid state thin clients instead of 75 banged up 11-year-old junkers that constantly crap out damaged disks and dead DIMMs.
The downside to package-based application deployment is not only complexity but compatibility. Many applications, (especially those dang industry-specific ones made by vendors who know they are the only ones offering a product that does X) simply don’t wrap up in a nice little ball for deployment. No command line installers, no MSI…all graphical, requiring input, and probably barely functional unless you stand on your head while petting a cat and praying to Bob while holding the left shift key during the final phase of the install.
When and where you can use packaged installers, they can certainly make your life easier, especially to update a single application after you have already deployed your initial images. (I honestly find images easier for initial setup, but do use AD package-deployed apps where I can.)
I am compiling a list of these things though. If I get the chance and the go ahead from the folks in charge, then one of my later articles will review products that I didn’t have time (or the means) to before.
In the meantime, you should take your complaint up with Microsoft. That they have abandonned scripted installs with WDS is something I think was very shortsighted of them...
Stay tuned, and thanks for leaving comments!
Thanks for another great article. I just saw your post in the comments of "the art of desktop deployment", so I think I'm probably reading these in your intended order.
I didn't know either of the open source tools you mentioned so will definitely give them a look.
On the subject of PING, it does have the ability to push out an install to a machine via PXE boot but I have to admit I haven't tried it but was intending to get things set up to start using it for machine reinstalls in the next few months. Could you expand a little bit on the troubles you encountered?
It is not so much "troubles encountered" as "ease of use." Ping requires more user intervention, (read: bodies pushing buttons) on the receiving computer than I like. (So does Clonezillia, btw, which I why I wouldn't recommend it for PXE distribution.) PING seemed to freak out whenever it encountered things exotic; Windows 7 for example, Software RAIDs or volumes tha spanned multiple disks.
There are work around for (some) of the issues I encountered in the Forums. There may even be work around for all of them. The truth is that it simply required more manual intervention than the alternatives, and a lot of research if you did anything even slightly off beat with it. (Also: don't even think about trying to image more than about 10 machines at a time with it. Just...don't.)
FOG on the other hand was absolutely fantastic. Brilliant even. For PXE distribution I'd put it head to head with Ghost in almost every way. Now, let's be honest with each other here; Ghost has been around a while. A long while. It has many very well paid programmers adding things to it all the time and as such Ghost can deal with far, FAR more exotic circumstances than FOG.
Still, FOG has a pretty good feature set, and can deal with probably 80% of all possible ghosting requirements out there.
I’d go so far as to say that if all you are doing is taking an image of a system and then distributing it to a set of computers that are largely the same…FOG kicks the ass of everything else out there. It’s quicker to use, easier to set up, well documented and free.
If you want to do something neat, like for example run a nightly backup of a live running Windows XP box, “genericise” the image such that you could then install it on a system with (for example) an Intel, nVidia or Via chipset should it be required…just don’t bother with anything else, go for ghost. If you want to update your images on the fly with drivers of windows updates without having to fire the image up on a test system…go straight to ghost.
Clonezilla is a tool for administrators that are standing in front of the computer in question, have the time to stick a physical boot disk in it and answer questions on the screen. You save the image to a flash key or a network share. You expect that if you ever have to use this image, you will be able to use a boot CD in the target computer in the same way.
FOG is a tool for taking an image of a computer, (say a prototype for a new desktop rollout of identical machines,) and then pushing it out to dozens or hundreds of systems SIMULTAINIOUSLY with no user intervention. If you are using a “genericised” Vista or Windows 7 install, then it can also be used to push out the same image to multiple systems running different hardware, either as an upgrade, or simply because you are using an image a few months old and don’t want to redo it for a new set of hardware you purchased.
WINNER is a scripted installer that lets you push Windows XP out to multiple simultaneous systems of different hardware configurations, but this is different and more complicated than imaging.
Ghost is what you use if you are lazy, have money, or want to do exotic things the others aren’t quite so good at. It’s probably the easiest to use of the bunch, but is the only “you have to pay for it” option in my list.
WDS is…a nice try…but not quite measuring up to the competition.
Getting into the really heavy hitters of enterprise desktop management we have KACE, Altris and SCCM. These do more than scripted installs or imaging; they take care of every aspect of your desktops. You pay for that convenience, but if you can afford it, they are worth every single penny.
I hope that helps!
" Open To Anyone "
I totally agree with article and the point about for $24.99 people want the moon but l have found that by downloading either updated software from my computer operating system supplier and then searching yourselves or people like CNet l can obtain the best of both worlds.
As regards title of this article " Open To Anyone" l believe that open source is how it should have been with people having the right to choose their software providers and in so doing can donate or provide their services to mailing lists etc. This would provide a way for us all to feel part of this world wide web and make our contributions as we see fit but also we would see for real the people who really wanted a free internet service as it was intended or others - no name no pack drill but they know who they are - that just want profits for themselves and not as a way of sharing.
PS - Ta for the free software sorry could not thank you for the freebies but using at least 3 including CCleaner.
Thanks for taking the time to listen to readers comments and give an expansive reply
Thanks for taking the time to reply back with a long and detailed post which I think we can all benefit from to better place the tools mentioned in your article.
My needs are simple and the hardware in use does not vary much. In all likelihood I will do a reinstall of one or two machines a year to clean up a machine when a user leaves the organisation (crossing fingers that malware doesn't strike down all my machines), as such my use case for PING is very much the one you outline for Clonezilla and explains why I have not encountered any difficulties.
I'll certainly take the time to look into FOG when time allows since it sounds like a more capable solution. In fact I started with PING because I needed to find something (anything) to cover myself in the case of user PC problems - I'm the only IT guy in the company and I don't have time to reinstall 20 machines from scratch... and of course I had no budget available. My aim was to find an open source ghost since that was the only tool I knew of. A little bit of google and some background research and PING got the job.
This is where I really appreciate your articles as I'm very much new to the whole admin in a small business side of things and am more or less putting it all together from scratch as I go along. Having the experience of someone who's already taken the time to do the research is a fantastic find for me.
As an aside, I've just finished working through your other articles and want to say a big thanks for all the ones you've written. I'll look forward to seeing more from you in the future.
I would consider you a kindred spirit, sir. You are describing me, ten years ago. I have been using computers as far back as I can remember. I still have my first typed document, punched up when I was 4. By 8 I was formatting disks and reinstalling DOS, 10 saw me building my first PCs and by 12 I had a home Ethernet network with systems that had multiple OSes. (This was because at 12 we got our first connection to "the internet," as opposed to dialling up BBSes, and while Daddy was trying to figure out what this internet thing was, I was trolling Usenet, and playing with Gopher.)
I'd paid my dues by the time school post secondary was over; years of call centers, crappy bench-tech jobs and holding together the networks of the schools I attended. When I finished post secondary (and a truly awful practicum,) I got a gig as the sole systems administrator at an up-and-coming small business. It was exciting to get away from the “scut work” I’d been doing for over a decade by then, and finally have someone else’s servers to play with. Bear in mind that “someone else’s servers” at this point described a pair of P4 2.8s desktops with 2gig RAM and a whopping 120GB of desktop-class spinning storage. (Cue cheering.)
Now, I have the pleasure of working beside a very competent systems administrator and we have a bench tech of our very own. We have an in-house programmer and customer-support rep. We run 50 physical servers with over 200 VMs. We sit on 4x 100Mbit fibre pipes, and during the “busy season” we can have 2TB a day of information hitting our servers from the outside, which turns into about 50TB of data that will fly across the internal network as a result.
I also keep an eye on several other smaller networks, both home setups and reasonable-sized businesses, all who simply can’t afford their own full-time admin.
As luck would have it, I get the opportunity to play with higher-end gear through contacts I have with sysadmins working on much larger installations. I spend a lot of time reading things here on El Reg, Ars, and studying whitepapers and anything else I can get my hands on to keep my skills relevant. Thanks to good friends and better luck I have had so many chances to play with new toys that despite the day job, my knowledge isn’t strictly confined to the tools I can afford to use.
Still, you personally are essentially the “target market” of my articles. I am for all intents and purposes a Small to Medium Enterprise systems administrator, and when I write what I write…
…it’s to help my SME brethren out.
Glad you are liking the articles, and good luck with the network.