French Police Had The Right Idea
And for a lot less cash.
http://linux.slashdot.org/story/13/10/03/185235/french-police-to-switch-72000-desktop-pcs-to-linux
Banks that use the Windows XP operating system will face a risk to their compliance with payment card data security rules if they continue to operate the software after Microsoft withdraws its extended support services, a US regulatory body has warned. Microsoft confirmed in 2010 that it would end "extended support" for …
So how long will that Linux distribution be vendor supported for then? Anything over a couple of years is pretty exceptional....And then of course major upgrades in Linux don't normally support in place updates, but require a full rebuild...
I bet it isn't actually for lot less cash. Munich already demonstrated that it actually costs millions more to run Linux on the desktop....They are almost certainly not covering the full picture in their 'TCO'
"And then of course major upgrades in Linux don't normally support in place updates, but require a full rebuild"
Save your ignorant uninformed bullshit for the DailyFail, most reg readers are competent across more than one OS and you have only succeeded in making yourself look like either a fanboy, shill, incompetent fool or possibly all three.
"And then of course major upgrades in Linux don't normally support in place updates, but require a full rebuild..."
Care to back up that statement with ... anything at all? While your comment in general seem to be mostly FUD, that part seems to be entirely fictional, wrong and actually 100% backwards.
Ofcourse Linux-based systems support in-place updates and upgrades. And they usually do so much better than Windows, since the default on Linux isn't that a single file-lock can cripple the rest of the OS.
On Windows however, you are almost always forced to reboot the computer after applying updates because file-locks prevents the updates from being done in place. Have a few Adobe or VMWare updates and you will be cursing your computer for the reboot-fest it just became.
TLDR: I think you got your address wrong.
This post has been deleted by its author
"Ofcourse Linux-based systems support in-place updates and upgrades. And they usually do so much better than Windows, since the default on Linux isn't that a single file-lock can cripple the rest of the OS."
Yes, Linux supports upgrades, and for individual programs it usually works fine. However quite often upgrading a distro to the next version doesn't go smoothly and in the worst case results in an unbootable system. And don't start about upgrades 'jumping' over multiple versions. It's certainly not less painful than on Windows, where OS upgrades usually just result in a slower system. I've seen many OS installations that started their live as NT 4 and have been subsequently upgraded to W2k, XP, Vista and W7. On Linux, at least one of the upgrades does fail miserably.
"On Windows however, you are almost always forced to reboot the computer after applying updates because file-locks prevents the updates from being done in place. Have a few Adobe or VMWare updates and you will be cursing your computer for the reboot-fest it just became."
That's mostly nonsense (and I can't remember when was the last time that an Adobe update required a reboot, I guess that must have been back in the Windows98 days. And VMWare, oh well...). Windows supports inline updates (no reboot required) for a very long time, and since Vista many of the few cases where a reboot was previously still required have been made reboot free.
The simple reason why many installers ask you to reboot is because the developer of that piece of software for some reason believes that a reboot would be a good thing. In some cases this is justified, but in many cases it's just down to a poor understanding of how modern day Windows works.
This is a red herring anyway - In 20 years in IT, I've never worked at a major company who does in place upgrades, even if they are available. For servers you don't upgrade production servers, you co-ordinate your server hardware and software upgrades so that you can bring the new service up on the new OS/hardware and seamlessly fail over, once testing is complete. With desktop, having a line in the sand where you rebuild everything from scratch is a good thing, it means that you know all your workstations are at a base level, nobody has any exotic configurations or dodgy non-approved software which has somehow been installed and it's all easier to support. Workstation rollouts I've worked with tend to be either pulled from someone at the desk doing a PXE boot or pushed from a management console. Either way, they will be run by a dedicated build script or workstation image, supplied from a build server. This goes for Linux as much as it goes for Windows.
If you read the document, they started in 2004. So 9 years and not even half way there.
The TCO is compared against their decentralised legacy environment - not an equivalent centralised, managed one.
The cost savings would almost certainly have been higher if they had migrated to Windows 7. Hence why near zero enterprises make such a choice - only government departments who can't afford the best IT executives, and who can persuade politicians with short term headline 'savings' regardless of the eventual real cost.
"CALs went up 15% - which is not far off the rate of inflation since the last increase"
And these Microsoft products contain ever increasing amounts of functionality.
And users are now often using multiple devices, so the cost of per user CALs reflects this....
WTF ?
"CALs went up 15% - which is not far off the rate of inflation since the last increase"
Bullshit !
I don't know what country you are in but for the UK it was 25% followed by 15%.
http://www.computing.co.uk/ctg/news/2228415/microsoft-to-increase-licence-costs-from-december-1
You are either a MS channel sales rep spinning a FUD or a badly informed MCSE who doesn't sign the licensing cheques.
"The realities are that it will cost roughly the same per user no matter which OS you choose"
+ cost of 72,000 desktop migration
+ cost of replatforming everything that they use
+ cost of supporting 2 environments for ~ a decade
= Seems highly unlikely the TCO claims made are valid!
Missing the point, Linux/open source doesn't solve the support and upgrade problem. For example, systems running Ubuntu 8.04 LTS, for example are now out of support as far as Canonical are concerned, so the typical enterprise running these systems are in a similar situation to those running XP...
Steve Davis 3
You're right, some Linux builds have long term support and 10 years is admirable. Outside that though the upgrade costs are broadly similar to any other OS, so aside from the inititial licence purchase vs support contract the savings may be slight. Especially if MS offer 40% more years of support as they have with XP!
I like Linux, not so much for the OS itself but for the fact it creates an alternative and prevents monopoly abuse. Were it not for FOSS I reckon many of our much-used proprietary software would be (more?) under-developed and price-gouging, it benefits everyone.
You need to brush up on your linux. Almost all major distributions now support in place upgrade. The rest no longer have a release cycle, they just keep all the software updated all the time, meaning there is actually no "big upgrade" to do. The rolling upgrade on a lot of them is actually rather awesome. They just need up update the install media every now and then.
It really isn't. I've migrated literally thousands of desktop from XP to Win 7 for Very Large Companies and it ain't that hard. Or expensive. We did it all with in house employees and it did NOT cost millions of dollars.
And good server admins can do the same.
Got specialized software you need to run but is no longer compatible with Win 7 or Server 2010. Update you lazy git! You should have done so years ago.
Got any figures?
4 people in deskside support - $2800 per week.
Per seat license for Win 7 - negotiate per company - avg $50 - X 5000
Conversion time - 3-6 month by attrition or 3 months dedicated project. Actual execution usually a combination. But let's go with the 3 month. $33600 labor.
No new hardware required (despite the myth, Win7 runs just fine on dual cores w 4mb of RAM)
33600 = labor
250000 = license
586000 = total for users conversion
Server side
Office 2010 suite - again negotiable by company - approx $3000 per module, but usually only Exchange.
Labor - 1-3 server admins at approx $4000 per week again 3 month to convert.
Server 2010 Enterprise approx $45000 per processor - at my companies there were no less than 10 main servers running 8+ cores each or 80 cores. - $3,000,000
Now here's where it gets a little more complicated: the 3 million is NOT paid all at once. Usually it's paid over several years. So there will be 2 sets of figures. One is not known and the other is just total. Payment plans are as proprietary as they come and it will be years before I can say anything in public even hypothetically.
So:
48,000 = labor
3000 - Exchange license
3,000,000 = server license
3,051,000 = total
- X payment plan
Grand total for 3 month dedicated conversion - $3,700,000 (rounded)
Minus X payment plans over X years.
In other words, upfront capital isn't that much. Mostly in labor and first payments for licenses.
Does that answer your question? You can send the consulting check to this email.
(all figures are approx avg as each company can negotiate its own costs)
From your figures, it looks like the estate you are using is 3000 seats. So. $3,700,000/3000 gives us, um, $1,233 (rounded) per seat. You really think this is not a lot?
Even if you do have a payment plan (and I'm betting that Microsoft would prefer a subscription plan rather than a deferred payment plan), that is still loading the business with costs that they may not have if they opted to stick with XP.
And the majority of those costs are in license fees, which you may not have if you can find an open-source solution that is adequate.
You've also not factored in any testing, specific business related software costs, or loss of productivity or training costs. If you are doing 3000 seats over a 6 month period, that's 500 a month, or about 25 a day (assuming that you're doing most of the estate during the working week). That's a tall order for 1-3 admins, even assuming you do across the network upgrades in place (which is disruptive to the users). Of course, if you have a homogeneous estate, you could do a replace, upgrade, replace rolling operation which is less disruptive to users, but you will need spare kit to do that, and will need the time to physically move the kit around..
Your earlier comment about a dual-core system with 4GB of memory is interesting. I'm sure that many, many business users of XP will have the majority of their estate running on P4 systems running with <2GB of memory. Places like call-centres do not regularly replace working systems, and the demands of filling in screen forms is such that you don't need much oomph.
For those users, dropping new kit in may not only be essential, but possibly cheaper as well.
4GB. Sorry about the typo.
I'm well aware that many places are still using very old PCs/laptops, however, the article talks about banks, not SMBs, so I addressed that scale. Banks are notoriously skinflint cheap, but they are NOT broke or struggling and easily have the capital to upgrade.
Perhaps I didn't post clearly and for that apologize, but the up front costs are not that much and the final total is certainly a hell of a lot cheaper than a million dollar security breach, which is what you count on having if you stay with XP and again, what this article addresses.
As for the nay-saying in general, where I live, companies of all sizes are upgrading to newer PCs and Win7 every single day and ditching XP as fast as they can. By the thousands.
"Got specialized software you need to run but is no longer compatible with Win 7 or Server 2010. Update you lazy git! You should have done so years ago"
Unless you are using software which *is* prohibitively expensive to upgrade, was made by a vendor no longer in existence but who promised it would be around forever, was bought by a new company who has made the software a shadow of its former self, or moving data to a new program is a prohibitive expense (if possible at all) on top of the extortion charged for the new software.
I have seen all scenarios above. As well as a perpetual license which turned out to not be so perpetual.
That said, I have had great success in running old software in compatibility mode, Windows 7 XP mode, or just plain Virtual PC. It took some time, fumbling around, obscure forum searches and link resurrection, and a smidgeon of intuition, but I have not yet been unable to move a program to Windows 7 or Server 2008R2. Not to say doing so is always possible, I just have not failed, yet, and it is worth a try every time. Yet *sigh*
The key part of the article to me is:
"McFadyen said that businesses are often understandably reluctant to move away from using legacy IT systems due to ... [s]ystem reliability, business continuity and the fact that most security vulnerabilities for the technology may already have been flushed out and resolved ... "
Being forced to upgrade a system that works perfectly well, and would continue to do so if not for a decision made by another company with an effective monopoly for no other reason than to make more more money out of its chattel slaves customers is not good. At the end of the day, we, the individuals dependent on the companies being blackmailed by the regulators acting on behalf of the monopoly are going to suffer, because systems that have worked for years are going to be farted about with. It isn't as if we haven't seen what happens when banks change systems, have we?
Make sure you have a store of cash in the house enough to see you through a week's living expenses.
"And what history does Microsoft have in providing and maintaining secure software"
A better history than enterprise desktop Linux distributions every year without exception since 2004....fewer vulnerabilities, and fewer critical vulnerabilities that on average were fixed faster (fewer days at risk)
"What credible reassurances are provided by Microsoft support?"
A full published support road map for all products - for instance XP will have been supported for circa 13 years by the time it is retired - and paid support is still an option after that.....
State your source...
I almost never hear of a real vulnerability in Linux, i.e. one that can be exploited remotely, yet with windows it is normal to hear of this kind of exploit..
I am serious though, i would love to see a comparison between the two...
The advantage with Linux IS that its open source, i.e. if a vendor stops supporting your version, for large companies you could hire a couple of developers to keep the distro you use updated with the latest patches, and that would be a damn sight cheaper than yearly licenses from Microsoft..
That is why I don't get the UK gov using Windows, it would have made sense very early on to hire their own bods to maintain their own linux distro... whats a good linux developer get paid as a permie? £70k I would guess by the offers I've turned down, so for £1million a year, peanuts for the gov, you could have a team of 10 on your distro with plenty left over for office and hardware.. sure finding tech support is harder, i.e. they NEED to be tech monkeys on the end of the phone not script monkeys (by script I mean read from a script)
"State your source..."
Here is an example for you:
http://www.zone-h.org/news/id/4737
Linux is much easier to attack remotely (yes I am allowing for market share)
The vast majority of Windows 'exploits' rely on stupid activities by users with admin rights.
"you could hire a couple of developers to keep the distro you use updated with the latest patches, and that would be a damn sight cheaper than yearly licenses from Microsoft.."
Sounds like COBOL all over again to me, lots of custom crap that can't be integrated or migrated that hangs around for decades and eventually costs zillions....
"I don't get the UK gov using Windows"
It's substantially cheaper when you look at the big picture.
Here are a few more examples dating back to when Microsoft put security as #1 priority::
http://news.techworld.com/security/1329/forrester-questions-linux-security/
http://technet.microsoft.com/en-us/library/cc512608.aspx
http://blogs.technet.com/b/security/archive/2006/10/19/windows-vs-linux-workstation-comparison-q3-2006.aspx
http://blogs.technet.com/b/security/archive/2006/07/14/441673.aspx
"Linux is much easier to attack remotely (yes I am allowing for market share)"
How exactly are you allowing for market share ?
"Sounds like COBOL all over again to me, lots of custom crap that can't be integrated or migrated that hangs around for decades and eventually costs zillions...."
Well there's a coincidence, that is exactly what I see every day with Windows applications. Case in point migrating an Excel spreadsheet to a Grid. The alternative was to write a proper app for the grid that did the job properly, but it was considered easier to move the spreadsheet to the compute Grid because the grid vendor and Microsoft had done lots of whitepapers saying it was possible and they were both more than happy to support this configuration.
Needless to say it didn't work because it turned out that Microsoft were wrong about Excel, it really doesn't like running > 1 copy on a machine and it would fail on about 20% of the invocations with an infinite loop. Microsoft dropped support for that configuration, and the customer hacked up a config that would limit one copy of Excel to a grid node thereby reducing their aggregate compute capacity by a factor of 8.
So yeah, "crap" that "can't be integrated" or "migrated" and hangs around for years is a problem the closed source folks have too. In fact it's more of a problem because if a vendor decides it can't be arsed to support it's own software you are pretty much SOL.
"Linux is much easier to attack remotely (yes I am allowing for market share)"
FAIL. Read your own article. They are discussing website defacements, which involves multiple attack vectors - most notably poor website code and web hosting security gaffes, as mentioned in the article. Combined with the fact that Linux is the most used website hosting platform, its no suprise that the label "Linux" is attached to this statistic.
You've just produced a standard case of abusing statistics to support a skewed point of view.
"FAIL. Read your own article"
If YOU bother to read it, you will find that it shows that you are several times more likely to be remotely hacked if you run Linux than Windows - even after adjusting for market share (as per Netcraft)
It also states that the most common exploit used is a Linux kernel vulnerability.....
"If YOU bother to read it, you will find that it shows that you are several times more likely to be remotely hacked if you run Linux than Windows"
So I read it and it said :- ( and this is YOUR ref remember )
"we consider the fact that last year brought a very high number of the LOCAL linux kernel exploits."
Your usual method of chaining one 'fact' to another to make a story.
Now if you really want remote kernel vulns.
As reported in The Reg recently
http://www.theregister.co.uk/2013/10/09/patch_tuesday_double_ie_trouble/
"The critical MS13-081 update addresses seven vulnerabilities in the Windows kernel, including problems in font handling, and can be triggered remotely through malicious web pages and maliciously formatted Office documents"
@AC 08:48
A full published support road map for all products - for instance XP will have been supported for circa 13 years by the time it is retired - and paid support is still an option after that.....
I used to write software for XP - In quite a lot of instances there was not a lot of similarity between the original XP and XP SP1, SP2 and SP3.
I note that, so far, there are about 12 fairly extreme posts from ACa for Windows compared to about half that number biased towards Linux. A cynical person might suspect that astroturfers and shills are busy...
Scaremongering by journalists and spin doctors.
PCI, DPA, FCA, PRA, SEC, etc will NOT be issuing fines to companies who have demonstrated a good approach to securing their estate.
Mainstream and Extended (aka FREE) support will end April 2014. Microsoft have published the prices for Special Support, and therefore ALL users have the OPTION to maintain a supported estate (although they might not have the budget).
Yes, get rid of XP as soon as you can. But you are more likely to be fined for fucking up a rushed rollout than doing a rollout in a controlled manner.