Minor upgrade does little to change Apple's second-class standing in the enterprise
We haven't visited Apple OS X since Snow Leopard, and while there have been incremental changes, there is nothing radically different in OS X 10.9 Mavericks.
This free upgrade is a roll-up compendium of items Apple has released since the last of the Big Cats OS X versions, Mountain Lion, including significant safety/security updates and features.
Mavericks addresses power savings by putting apps and part of the machine it runs on to partial sleep (called App Nap) under several circumstances. We measured a sampling savings of 19% using Kill A Watt measurements on a solid state MacBook Air, which is significant, especially in locations where power is expensive. Not all apps can or should be put into sleep this way, but Mavericks leaves interrupt-driven apps alone, so there’s no “damage” by making them take “power naps.”
+ ALSO ON NETWORK WORLD The best features in OS X Mavericks +
The last strong version of Apple’s Server edition wasn’t simple in our opinion. Apple’s Xserve hardware -- the 1U servers Apple retired -- are still supported and indeed the features we found have been simplified and poised towards smaller organizations, or perhaps islands within larger organizations. Apple’s Xsan storage devices are still supported as well.
MacOS vs. Windows
There’s a danger in thinking that MacOS and Windows should be similar, or even alike. Within the context of larger organizations, MacOS is often a second-class citizen, even now in the third decade of its rivalry with Microsoft. Apple tightly controls its user-focused “experience,” which in turn, is coupled to its federated AppleID mechanisms.
Microsoft channels its energies into varying authentication services anchored by its ActiveDirectory and Server Message Block (SMB) protocols. Microsoft has been moving its authentication methods more toward how Apple’s works. The reverse is not true and while on the surface Macs seem to be equal players, underneath is a decade of internecine rivalry and the hubris of not-invented-here. Apple champions the user; Microsoft allies business infrastructure; rarely do the twain meet.
Server: Users vs organizations
Connecting Mavericks instances is a foundation of existing Open Directory (LDAP V3 + Kerberos 5) resources, along with Microsoft’s SMB2. Apple now eschews SAMBA, which separates it from many versions/distributions of Linux and BSD clients that use SAMBA to run Microsoft’s SMB2 and even portions of SMB3.
Apple stands largely alone in its implementation.
For those organizations concerned about deploying deep OS use policies, Mavericks does impose application sandbox restrictions on apps managed through the Mac Store. Although not mandated for users, as they can obtain apps from other sources, the sandboxing imposes constraints that have both limitations but also continuity among prior versions of apps built with sandbox-compatibility in mind.
The sandboxing technique spawns an instance with its own user-account subdirectory, hidden from the user. The app instance lives in an isolated shell that looks a lot like how Sun/Oracle built its containers. Application isolation between Mavericks and iOS 7 have similarities, and Apple encourages developers to use the technique to prevent user-space from troubling kernel/machine space.
Delivering an analog of Microsoft’s Group Policy Management is elusive, although there are Mobile Device Management distribution, PIN requirements, and packages available for OS X and iOS devices/clients. These don’t work well for Android (4.2 tested) or Windows (Phone 7, Windows 7-8.1 tested). Apple only, we found. Worked very nicely with our iPads and Macs. If it doesn’t have the logo, go fish.
Apple, through the use of Server, permits a backup of various client versions through the versioning-sensitive Time Machine app. We tested this local network (it can be run over VPNs, but circuit speeds might slow down client backups dramatically) NAS-like storage and it worked without drama.
As Apple controls its hardware platforms, which increase in variance from model to model, and so does the job of regression testing model compatibility with new OS versions. Although Mavericks is said to run on the same hardware as OS X Mountain Lion, its OS X predecessor version, its installation routine seems to have rendered a solid number of stunning reported wipeouts, although we did not experience this ourselves, in our admittedly small upgrade regimen. Empirical testing becomes difficult with so many Apple model variations.
We found it strange, however, that Mavericks would attempt its 5GB installation payload routine without checking the sanity state of the existing file system. We believe that this alone may account for a large percentage of reported installation failures. Mavericks is now in its second patch release, and this maturity may also help administrators and users avoid upgrade catastrophes.
There are many consumer-focused features, such as the breakout of iBooks from iTunes. IBooks plays books more like movies than its Kindle and Kindle-like competition. Although Apple’s catalog is said to be smaller than Amazon’s, adding especially PDF books was simple. We could buy many of them, too.
Our experience with iTunes was good, although the UI is all about selling more product in a consumer sense, rather than being poised towards business/organizational media. Imported music may not have the automatic CD/album artwork applied to icons, as only the music purchased from Apple had automatic artwork applied to an album icon.
IPhoto exploded several times during our importation of a stock 25,000 mixed JPG and MOV image set. The iPhoto app also imports images from sources in a way that creates events that aren’t easily labeled by the importer. Merging multiple large events together also crashed iPhoto. We repeated the crash on two different machines, a Macbook Air and a Macbook Pro, although this sample size is very small and might be considered anecdotal.
In all of the explosions, however, iPhoto seemed to know that it had caused a problem, and knew where to pick up from when it crashed. IPhoto’s job of handling duplicate image import, however, doesn’t work well, and we were easily able to import thousands of dupes.
Apple makes iCloud, the user based storage service, very convenient and adds iCloud Keychain, a profile storage caching service. This worked well in testing and allowed us to replicate our iCloud Keychain data across Macs we used for testing accurately. Wireshark proved that the data was opaque.
Many Apple users consider themselves to be mavericks, and Apple’s invasive trend as maker of the leading “BYOD” devices may force Microsoft to change. Or not.
This roll-up release signals no new important trends, but it does add comfort, bug fixes, and minor feature enhancements to a popular app and hardware product mix.
How We Tested
We tested a MacBook Air (i7, 8gb DRAM, 500gb SSD), a MacBook Pro (i2, 8GB DRAM, 256GB conventional drive), Apple Xserve (quad Xeon, 16GB DRAM, 4TB conventional disk and 128GB SSD drive) in a Gigabit Ethernet switched network. We upgraded each machine from Apple Mountain Lion (patched to the date of install) to Mavericks. We also updated the Xserve’s version to Server 3.0, then iterative releases to 3.1.
We imported mail and calendar entries to judge ease of updating; no problems were noted. We also imported music in to iTunes, and photos into iPhoto, as described, and tested other applications, such as iBooks, and iCloud Keychain.
Henderson is principal researcher for ExtremeLabs, of Bloomington, Ind. He can be reached at firstname.lastname@example.org.
Both Microsoft and Apple operating systems are malware with backdoors to snoop on and shackle users,...
EMC has public and private cloud offerings from VMware, but it wanted a slice of the managed cloud...
How far does Swift soar over Objective-C? Let us count the ways
Don't let a string of Unicode lock you out of your phone.
Most advanced research and education networks have transitioned to 100 Gbps, but as fast as the core...
6 ways to tighten up email policies and improve network security.
ProLiant BL-460 Gen 9 blades are tuned for virtual workloads.