Mano a mono

One IT consultant’s battle against the Microsoft monoculture.

We all know the perils of the Microsoft monoculture: viruses, spyware, endless patching, reliability issues and high licensing costs. Yet few IT consultants seem willing to look at alternatives.

There are probably three reasons for this. One is inertia. The other is a variant of the old IT proverb, “Nobody ever got fired for buying IBM.” A third is that currently clean alternate technologies might be equally afflicted with problems if they were more popular. Maybe, but why cling to products with a past, present and probable future of security  and reliability woes?

My company serves small businesses and non-profits with typically a few dozen computers and a couple of servers each. Our clients hire us because they can’t afford an IT staff. They shouldn’t need monthly service calls to install patches, reboot servers or disinfect desktops.

Thus we’ve made a careful choice over the past few years to consider and use alternative technologies where appropriate. In some cases, only Microsoft will do the trick. Other times there are credible options.

Out of the closet

Starting in the network closet is easiest because it doesn’t change the end-user experience.

Microsoft has a range of products for network infrastructure: Windows Server/Active Directory for authentication, file and print services; Internet Security and Acceleration Server (ISA) for firewalls ; Internet Information Server (IIS) for Web servers; SQL Server for databases; and Exchange for e-mail and groupware.

The whole lot can be bundled as Microsoft Small Business Server (SBS) and installed on one machine. Attractively priced and targeted at small offices, SBS appears simple but is a Frankenstein of complexity underneath. It easily can be the single point of failure for a network.

As an alternative to either SBS or individual Microsoft applications , I’m a fan of server appliances for file, print and Internet access because they combine low cost, easy setup and hardware-class reliability. Although my experience is primarily with products for small networks, similar boxes exist for larger installations.

Network-attached file servers such as Quantum’s Snap series can be configured quickly. The size of a kitchen toaster and even more dependable, they provide the entire network file storage needs for a typical law office or real estate agency . Likewise, network-enabled printers render PC-based queues obsolete.

Most people wouldn’t think of Microsoft as a firewall vendor, but that’s exactly what the ISA component of SBS promises. If you’re looking for an alternative, consider a firewall appliance. Even inexpensive home-office firewalls intended for cable or DSL can be plugged into a router and T-1, delivering robust firewall services plus surprising bonuses such as VPN and demilitarized zones. I have used Netgear’s products in libraries and small manufacturing plants with good results. For complex perimeter tasks I rely on software firewall/routers  such as Qbik’s WinGate or Kerio’s WinRoute.

IIS is such a hack magnet that I refuse to install it unless an application absolutely requires it. From industry-standard Web server Apache to lightweights such as Abyss X1, there are many good alternatives.

Exchange is overkill for my clients who just need reliable e-mail. I often turn to Alt-N’s MDaemon for ease of configuration. MDaemon’s Web-based e-mail client and shared calendar provide a decent groupware solution. For diehard Outlook shops Alt-N offers a plug-in that lets MDaemon service Outlook’s feature set.

Even for server applications and network authentication there are options. Many database servers run on Linux or Mac OS X. NetWare, though pricey, remains a sophisticated and reliable network operating system . Only twice in three years I have had to touch a library’s NetWare server – once to fix a hardware failure and once to update a third-party application.

When done right, these “closet” Microsoft replacements are transparent to end users.

Onto the desktop

Outside the server closet the Microsoft alternatives are fewer and the sales pitch tougher. Users spend years learning how to make their workstations perform basic tasks and are loath to start over. Change often begins with the Web browser. Alternatives to Internet Explorer function similarly but without the security loopholes. I’m partial to Mozilla because it supports Windows, Mac, Linux and other clients.

The almost total lack of malicious code on non-Microsoft desktops is a powerful incentive to switch. Swapping out the whole operating system is traumatic for users but not much worse than the upheaval of transitioning older Windows clients to XP. I’ve managed to switch some clients to Mac OS X, which is easy to learn and supports native versions of familiar applications: PhotoShop, QuickBooks, FileMaker, Mozilla and Microsoft Office.

Successfully moving clients to Macs requires carefully configuring the machines and providing users with some training. After a few weeks of sporadic phone calls, I won’t hear from my Mac users for months. Eventually I’ll see them on the street and they’ll brag about how their computer hasn’t crashed once or how they kept working while Fred spent a day mopping up Blaster in his office. As long as they can open Office files, use the Internet and get their work done, most folks are happy with their computer whatever the operating system.

One of the reasons the Mac is an easier client option than Linux is the availability of Office. Office is the hardest thing to wean people from. I’ve had some luck getting casual users to adopt OpenOffice, but most spreadsheet wonks won’t accept any substitutes for Excel.

Is all this upheaval worth it? Greater reliability, lower cost and fewer service calls make my clients happy – that’s my measure of success. We eat our own dog food, too, mixing Mac and Windows desktops, OpenOffice and Microsoft Office, the Mozilla browser, Wingate firewall, MDaemon e-mail, and Abyss and Filemaker Web servers to run our small IT shop.

Each time we sift through a client’s cluttered SBS to isolate glitches, or reformat an XP machine to eradicate spyware, it further encourages us to consider the alternatives.