IST Keyworth
 
NERC Home
   

Added-Value Software

As well as installing an Operating System supplied by the vendor, we normally try to "add value" for our customers. Our overall aim is to integrate the different platforms into a reasonably coherent whole, so that users see a similar environment on all platforms and can concentrate on their science rather than the underlying systems architecture, despite what the manufacturers would like to think! However, we are not trying to make all unix systems look the same - a SUN is still a SUN and an IRIX is still an IRIX.

Some of the ways we do this are:

/nerc file structure

Open Source software as /nerc/packages/....

Perl

Compilers

Legato Networker distributed backup software

samba

Firewall software

Internet Server Software



/nerc file structure


Commonly referred to as the "NERC file system" - nowadays this consists of All of this is described in the Administrator's Guide to the NERC Unix File Structure. Paper copies of this manual can be obtained by mailing isthelp@nerc.ac.uk or syshelp@nerc.ac.uk. The latest printed version is marked Second Edition November 1996.

However, we converted the entire document to HTML and it is available here by clicking The NERC UNIX System Administrator's Guide. This online version is the "definitive" one on which we are making updates. As normal in such circumstances, the paper copies are becoming somewhat out-of-date and incomplete.



Open Source software as /nerc/packages/....

the provision of well-known Public Domain and "freely available"software from the Internet. has always been an important part of the UNIX environment We have limited this to the famous, well known packages which we have found to be a extremely high quality (Certainly better than most commercial software.) to minimise support effort. These include


This is all available in a compatible environment (/nerc/packages/utilities, nerc/packages/perl, /nerc/packages/adobe, ......) for Solaris 2.x, SunOS 4.x, IRIX 4.x , IRIX 5.x/6.x, Digital Unix 4.x and HP-UX 10.x. Note however that the Solaris 2.x and IRIX 5/6 versions are by far the most developed. The HP-UX, IRIX 4.x and SunOS 4.x versions are effectively frozen. Online documentation for much of this software can be found at http://www-wl.itss.nerc.ac.uk/info/onlinedocs if you have an SLA.

We have not, as yet, done a /nerc/packages/utilities for linux, largely because most of this material is already provided with the popular linux distributions ! It is interesting to note that the proprietary unix vendors, such as SUN and SGI, are quickly catching up here - for example, Apache, perl and a whole range of Open Source software is supplied with Solaris 8.

Perl is a language for getting the job done ! It makes the easy jobs easy without making the hard jobs impossible. It was originally designed as a glue language for UNIX but it also runs on many other systems (VMS, OS/2, Windows) . It is especially strong for system administration tasks and anything involving text manipulation. Because of its strong facilities for manipulating text strings, it is the language of choice for the WWW (CGI-BIN scripts etc). The CPAN archive for perl modules is an almost incredible achievement - there are perl packages for just about everything you can imagine here. For links to find more information, see http://www.perl.com .

We can supply perl v 5.005_2 with a large collection of useful CPAN modules already installed, all under
/nerc/packages/perl. We took perl out of /nerc/packages/utilities to make upgrades easier. Also, note
the SUN supply a good perl package with Solaris 8 and we expect newer perl versions to appear as patches from SUN - we will therefore probably stop doing our own /nerc/packages/perl


Compilers


The proprietary unix vendors all supply a range of compilers and development tools with their Operating Systems. Sometimes these are "bundled", sometimes they are chargeable products. Regardless of this, we will supply the compilers to any NERC site which has a unix SLA with us. We do this via NERC-wide supply contracts between IST and the supplier.

We can also supply the excellent GNU compilers (C, C++ and fortran) as well as the GNU debugging tools (gdb and ddd). Note that the EGCS code branch has now been incorporated back into the GCC branch so that the current version is GCC 2.95.2 and the versions called EGCS are obsolete.

Note - we have some experience with these products and can usually fix problems but we are not experienced programmers or "language lawyers" and are not always able to advise on language issues.



Legato Networker

This is a market-leading product which is widely deployed all over NERC to back up UNIX, Novell
and Windows computers.For more information, see http://www.legato.com or our own procedures (if you have an SLA).


Samba is a very famous and well-regarded SMB (aka CIFS) file and print server. It can take the place of a Windows or Novell file and print server in a PC network. Certainly, this is a key product for any site which is trying to integrate unix and Windows networks.

Performance has been measured (by some people at least !) as significantly better than both NT and Novell on identical hardware. The truth probably is that by judicious choice of the "identical hardware", and the size and type of the test workload, one can contrive for such comparisons to have almost any desired result. Perhaps more significantly (when comparing with Windows or Novell servers) , is that unix servers can scale up to much larger sizes than Windows or Novell servers. Current versions of Samba can also assume "NT Domain Controller" responsibilities but we would not recommend going this far, just yet.

The current version of Samba (2.0.7) has fixes for the "5 known problems" with Windows 2000. Ie there are no known problems with Windows 2000 and Samba 2.0.7.

For more details see http://www.samba.org There is also the O'Reilly & Associates book Using Samba which is distributed with the software, courtesy of O'Reilly & Associates.

Note that no special software has to be loaded on the desktop Windows PCs - as far as they are concerned, a Samba server is a SMB server just like NT. You do need the Microsoft TCP/IP stack but this comes with Windows 95 (or later) and is almost always available already these days.

The other side (accessing Windows shares from Unix or Linux) has also been addressed - you can mount Windows shares with smbfs (linux only) or use the smbsh tool on unix.

There are several commercial SMB servers for unix - SCO , SUN, .... However, it does seem to be generally accepted that Samba is far and away the best (performance, functionality, relaibility, documentation,..)


Exceed

Vista Exceed is a product of Hummingbird Communications Ltd who provide further details about Exceed Briefly, Exceed is an X server for Windows. The current version is supported on Windows 95 or later. It is used at many NERC sites for PC access to UNIX hosts. It can also provide a telnet daemon and other TCP/IP services. Release notes and an IST distribution kit (which requires the Applications Installer) are available. Some hints and tips for its use are in the NERC UNIX System Administrators Guide .

You should be aware that earlier versions of this product were really not up to the job and consequently it acquired rather a bad reputation in some sites. Recent versions are much better, however, so you may like to try it again if you gave up on it several years back. On the other hand, if you have a seriously heavy requirement for a PC X server, you really should be asking yourself why you are not running linux which naturally comes with the real X Windows !!


Internet Firewall software


Since in any society a small percentage of people are malicious and the Internet now has over 100 million users, it is clear that it is only a matter of time until a site is attacked. The most common computer security model is to secure each host individually . This is a perfectly reasonable approach for a small network but it does not scale to large numbers of machines. Different vendors, different software releases, different services enabled all lead to different security problems. Also, inevitably, the no of privileged users increases with the number of machines.

For these, and other, reasons sites are today turning to a network security model. An important component of this is a firewall computer which is located at the Internet connection and which gives the ability to manage the traffic in and out of the site.

IST investigated the Firewall marketplace and a report was written. A pilot project using the Checkpoint Firewall-1 product was undertaken (January 1998) at the Wallingford site and we have now installed Firewall-1 at approximately 16 sites all over the UK. Please contact R. Campbell at IST in Wallingford for more details.

Some general information on firewalls can be found at the Firewall FAQ and details of the Firewall-1 product can be found at http://www.checkpoint.com/products/firewall-1

Last updated: 25/07/2007