Upload
chad-johnson
View
1.871
Download
3
Embed Size (px)
Citation preview
Comparing Operating Systems for InterfacingWhite Paper
2 COMPARING OPERATING SYSTEMS FOR INTERFACING
When assessing the choice of interfacing options, integration engine vendors will chose varying operating systems with which their
application is deployed. This whitepaper addresses several different concerns when analyzing an operating system, and analyzes how
an integration engine can be impacted by the operating system. Points addressed include:
> Patches
> Security
> Downtime
> Load handling
> Hardware Costs
EXECUTIVE SUMMARY OF FINDINGSPatches: All operating systems have patches, and it is more critical than ever to make sure security patches are regularly applied to
protect PHI residing on hardware for all operating systems. Windows and Unix solutions alike have similar GUI based patching processes.
Security: In the most recent survey by Information Technology Intelligence Consulting (ITIC), Windows Server 2008 R2 achieved the
highest marks on security based on 468 C-level executive responses.
Downtime: 92% of Windows Server 2008 R2 users experienced one or no Tier 3 outage per server per year, scoring the highest in this
category among all operating systems.
Load handling
SAP, in a complex and demanding environment of over 3 million line items processed in an hour with over 30,000 users across ten servers,
showed equivalent performance of its Windows and Linux solutions.
Hardware Costs
> IBM AIX solutions are more than twice the cost of Microsoft Windows Server 2008 solutions for equivalent processing capabilities.
> In a variety of comparisons, solutions using Microsoft Windows Server 2008 had overall lower hardware costs by 45% as compared
to Unix/Linux solutions.
PATCHESAll operating systems issue patches. It is the responsibility of IT professionals to schedule the application of these patches. Many
patches are related specifically to the security of the system. With the protection of patient health information (PHI) at a critical level in
the healthcare IT industry, with fines reaching unprecedented amounts, it is more critical than ever to routinely apply security patches
for all operating systems.
For example, Red Hat Enterprise Linux Server (v. 6) released 33 patches1 related to security in the first three months of 2012. Of these
33, eight were tagged as critical. Red Hat is not alone in having this volume of patches, all operating systems are impacted. Similarly,
patch volumes for SUSE Linux Enterprise Server can be viewed on the Novell Patch Finder2 web-site.
COMPARING OPERATING SYSTEMS FOR INTERFACING 3
All operating systems have utilities to streamline the updating of patches. With Microsoft Windows Server, the Windows Update utility
allows the user to view all patches that have not been applied and selectively choose which ones will be applied. The patch process
is initiated with the click of a button. Other operating systems offer similar functionality. Windows and others also have command
line options for patching as well. In general a command line process would be similar to what is detailed on HP’s website, HP-UX 11.x
Patch Process3.
With modern utilities that automatically detect which patches need to be applied, sorting through the patch process is much simpler
than in the past. This simplified process is a great benefit given that the security threat to PHI in healthcare demands regular patching
for all security threats on a regular basis, regardless of the operating system.
SECURITYThe topic of security is closely related to the previous topic of patching, but also includes many other components related to access
and authentication. As mentioned above, the security of PHI is critical in healthcare and governed closely by the industry.
An independent assessment of server security is performed by Information Technology Intelligence Consulting (ITIC) on a regular basis4.
In the most recent analysis, the independent survey was conducted among C-level executives and IT managers at 468 corporations from
November 2010 through January 2011.
In the data seen below (Source: ITIC 2011)5, Windows Server 2008 R2 is ranked number one in the industry with respect to security.
Windows Server 2008 R2 was in a virtual tie with IBM AIX 7.1, with AIX receiving 1% of ‘Poor’ responses where Windows had none.
The independent security rankings for a variety of operating systems, including Windows, Unix, Linux, and Apple Mac can be viewed
in the chart.
Operating System Security
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
1 00%
Windows Server2008 R2
HP UX 11i v3IBM AIX 7.1 SuSE LinuxEnterprise 11
Red Hat Enterprise Linux
5.5
Unsatisfactory
Poor
Satisfactory
Good
Very Good
Excellent
4 COMPARING OPERATING SYSTEMS FOR INTERFACING
To further validate the security robustness of Microsoft Windows, a report by security firm Kaspersky titled the IT Threat Evolution can
be analyzed10. From the report:
•Microsoft products no longer feature among the Top 10 products with vulnerabilities. This is because the automatic updates
mechanism has now been well developed in recent versions of Windows OS.
The top two vulnerabilities, as listed in the article, are related to Java and include:
> Oracle Java Multiple Vulnerabilities: DoS-attack (Gain access to a system and execute arbitrary code with local user privileges)
and Cross-Site Scripting (Gain access to sensitive data). Highly Critical.
> Oracle Java Three Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical.
The article acknowledges that just a few years ago, Microsoft would have likely been all over the list, but that the company has taken
significant strides in the area of security. In addition, the comments are very harsh with regards to Java, stating that “you shouldn’t have
Java installed, unless you absolutely need it.”
DOWNTIMEFor integration engines, uptime is absolutely critical to keep clinical information flowing within and outside-of the providers of care.
Choosing an operating system which is reliable is key to a successful integration engine.
Throughout its history, Microsoft Windows has been marred by the perception of unreliability both in the desktop and server space.
However in the server space, Microsoft has been consistently closing the gap in reliability with its competitors during the past decade.
From the 2011 Global Server Hardware and OS Reliability Survey conducted by ITIC, Microsoft Windows Server showed significant
improvement just as it had in the previous survey of 2009. Laura DiDio, Principal at ITIC, commented4:
•“Microsoft’s Windows Server 2008 and Windows Server 2008 R2 served up the biggest surprise in the survey, scoring impressive
reliability gains and making it one of the top three most reliable, mainstream server OSs.”
92% of Windows Server 2008 R2 users experienced one or no Tier 3 outage per server per year, scoring the highest in this important
category. This was compared to 90% for IBM’s AIX 7.1, 86% of Novell SuSE Linux Enterprise Server 11 and 84% of Hewlett-Packard’s
HP-UX 11i v3. Tier 3 outages are rated as the most severe, typically lasting for four or more hours, involving data loss, and requiring
multiple members of the IT department to perform remediation4.
OperatingSystem UsersExperienced≤OneTier3Outage
Windows Server 2008 R2 92%
IBM AIX 7.1 90%
Novell SuSE Linux Enterprise Server 11 86%
Hewlett-Packard HP-UX 11i v3 84%
COMPARING OPERATING SYSTEMS FOR INTERFACING 5
The survey noted that one of the key reasons for Tier 2 and Tier 3 outages was due to trouble applying patches. This emphasizes the
importance of having a high availability solution for your integration engine so that even if there is trouble applying patches that no
connection downtime will be required.
LOAD HANDLINGHaving a robust operating system which can handle the load of an integration engine is required for the data demands of the healthcare
setting. Large providers are known to utilize a single server to run hundreds of connections and millions of daily messages on a single server.
To compare the load-handling of Linux versus Windows, one of the most complex and demanding global applications in existence
today in any market was utilized. Under extremely demanding circumstances, SAP compared the use of its global ERP application
running on Windows and Linux.
NON-HEALTHCARE LOAD BENCHMARK FROM SAP6
SAP is a global market leader in enterprise application software. SAP software applications are arguably some of the most demanding
applications across all industries that exist today. With SAP being one of the most intensive applications in the world, it only makes
sense to benchmark how different operating systems behave under these demanding circumstances.
To handle its loads, SAP customers can choose from Windows or Unix/Linux solutions. To prove the performance of each platform,
a demanding benchmark scenario was constructed. The environment consisted of over three million line items processed in a given
hour with over 30,000 users. The results are as follows:
NumberofUsers
ProcessedLineItemsPerHour
OperatingSystem
SAPRelease
#ofServers
Total#ofCores TypeofApplicationServers
32,125 3,506,330 Windows Server 2008
R2 Enterprise on VMware ESX 5.0
SAP ERP 6.0 10 120
HP ProLiant BL460c G7, 2 processors/ 12 cores/24 threads,
Intel Xeon Processor X5675, 3.06 GHz, 64 KB L1 cache and
256 KB L2 cache per core, 12 MB L3 cache per processor,
96 GB main memory
16,000 1,756,000 SuSE Linux Enterprise Server 10 on VMware
ESX Server 4.0SAP ERP 6.0 7 56
Fujitsu PRIMERGY BX900 S1, 2 processors/8 cores/16 threads,
Intel Xeon X5560 2.80 GHz, 64 KB L1 cache and 256 KB L2 cache
per core, 8 MB L3 cache per processor, 36 GB main memory
While the configuration of the servers are not exactly the same, when analyzed by processing power both systems produce very similar
results. The Windows Server 2008 solution has roughly twice the processing power of the benchmarked Linux solution. With twice
the processing power, the Windows Server 2008 configuration was able to process 3.5 million line items in an hour which is twice that
achieved by the Linux configuration. So normalized for processing power, the two configurations perform almost exactly the same in
an extremely load intensive benchmark.
6 COMPARING OPERATING SYSTEMS FOR INTERFACING
HARDWARE COSTSThe cost of procuring hardware for different operating systems can vary substantially. Often times the hardware costs can be more than
the application running on the hardware, or at least be a very substantial part of the overall cost.
Hardware costs were compared in two different ways:
> A direct cost comparison between an IBM AIX system and a Dell Windows Server 2008 system
> An independent benchmark of the overall system cost based on the ability to process orders
DIRECT COMPARISON — AIX VERSUS WINDOWS SERVER 2008For comparison purposes, an analysis has been done to compare the costs of purchasing a comparable IBM AIX V7.1 solution versus
purchasing Dell hardware with Windows Server 2008 software. The total cost of procuring an application must be considered together
with the expense of the hardware and operating system software for which it will be deployed.
In the hardware comparison, the following requirements were targeted to have specifications as similar as possible:
> Form Factor
> Processor Speed
> Number of Cores
> System Memory
> Internal Storage
Both systems were configured at the vendor web-sites, IBM and Dell. No corporate discounts were applied. The prices shown reflect
what any visitor to the web-sites would receive as their price. The web-site links are:
IBM: http://www-03.ibm.com/systems/power/hardware/750/configs/8233e8b14a.html7
Dell: http://configure.us.dell.com/dellstore/8
The results from the web-sites are as follows:
IBMPOWER750EXPRESSSERVER DELLPOWEREDGERACKSERVER
Configuration: 8233-E8B14 Configuration: R720xd
Form Factor: Rack-mount Server Form Factor: Rack-mount Server
Operating System: AIX V7.1 Standard Edition License Operating System: Windows Server 2008 R2 Standard Edition
Processor: POWER7 Processor: 2x Intel® Xeon
Speed: 3.2 GHz Speed: 3.3 GHz
Cores: 8 Cores: 8
System Memory: 32 GB System Memory: 32 GB
Internal Storage: 2 X 146 GB Internal Storage: 2 X 146 GB
Price: $31,946 Price: $7,552
COMPARING OPERATING SYSTEMS FOR INTERFACING 7
Using these non-discounted prices, the IBM AIX configuration is more than four times the price of the closest equivalent Windows
Server 2008 system. Corporate pricing agreements may impact this pricing comparison to some extent, but nevertheless these are
real costs that must be considered when choosing applications that are specific to a given operating system.
INDEPENDENT BENCHMARK — TRANSACTION PROCESSING PERFORMANCE COUNCIL (TCP)The Transaction Processing Performance Council (TPC) is an independent organization which measures the performance and price per
performance of transaction processing systems. Throughput, in TPC terms, is defined as how many new order transactions per minute
a system generates while executing all other transaction types.
TPC measures the number of orders that can be fully processed per minute and is expressed in tpmC. For a 710 tpmC, a system is
generating 710 new order transactions per minute while fulfilling the rest of the transaction mix workload.
TPC benchmarks are system-wide benchmarks, encompassing almost all cost dimensions of an entire system environment, including
terminals, communications equipment, software, computer system, backup storage, and three years maintenance cost. For example,
if the total system cost is $859,100 and the throughput is 1562 tpmC, the price per performance is derived by taking the price of the
entire system divided by the performance, which equals $550 per tpmC.
The ten most recent benchmarks conducted by TPC are shown9:
System Price/tpmC OperatingSystem
HP ProLiant Blade BL685c G7 $0.51 Microsoft Windows Server 2008 R2 Enterprise
HP ProLiant DL380 G7 $0.65 Microsoft Windows Server 2008 R2 Enterprise
HP ProLiant DL580 G7 $0.49 Microsoft Windows Server 2008 R2 Enterprise
IBM Power 780 Server 9179-MHB $1.38 AIX Version 6.1
Cisco UCS C250 M2 Extended-Memory $0.58 Oracle Linux w/Unbreakable Enterprise Kernel R2
Sun Fire X4800 M2 Server $0.89 Oracle Linux w/Unbreakable Enterprise Kernel R2
SPARC SuperCluster with T3-4 Servers $1.01 Oracle Solaris 10 09/10
IBM Flex System x240 $0.53 Red Hat Enterprise Linux 6.2
IBM System x3850 X5 $0.59 SUSE Linux Enterprise Server 11 SP1 for X86_64
IBM System x3850 X5 $0.60 SUSE Linux Enterprise Server 11 SP1 for X86_64
On average, the Unix/Linux systems demand a premium price per processing power:
Windows Server 2008 R2 Average $0.55
Unix / Linux Average $0.80
Premium for Unix / Linux 45%
As was shown in the previous section with the direct comparison of AIX, systems with IBM AIX command a considerable premium over
Windows Server 2008. And in general, Unix or Linux hardware will be more expensive than a comparatively robust Windows Server
2008 system.
8 COMPARING OPERATING SYSTEMS FOR INTERFACING
Both the direct price comparison and the industry benchmarks by TPC demonstrate a greater value through utilizing Windows
hardware. Corepoint Integration Engine operates on the Microsoft Windows platform so that customers can take advantage
of the competitive pricing and availability of hardware.
REFERENCES1. Red Hat Customer Portal, https://rhn.redhat.com/errata/rhel-server-6-errata.html, Red Hat Enterprise Linux Server (v. 6)
General Advisories
2. Novell Patch Finder, Version 2.4.8, http://download.novell.com/patch/finder/#familyId=7261&productId=&dateRange= &startDate=&endDate=&priority=&distribution=&architecture=&keywords=&xf=7261&xp=7261_40184&xp=7261_32103, SUSE Linux Enterprise Server
3. HP AllianceONE Partner Program, http://h21007.www2.hp.com/portal/site/dspp/menuitem.863c3e4cbcdc3f3515b49c108973a801?ciid=8a62dda253345110VgnVCM100000275d6e10RCRD, Patching HP-UX 11.x systems
4. Information Technology Intelligence Consulting (ITIC), http://www.iaps.com/2010-2011-server-reliability-survey.html, 2010-2011 Server OS Reliability Survey
5. Information Technology Intelligence Consulting (ITIC), http://www.wservernews.com/images/os_reliability_survey_results.jpg, Rate the security of your operating system(s)
6. SAP — Published Benchmark Results, http://www.sap.com/solutions/benchmark/sd3tier.epx, SAP SD Standard Application Benchmark Results, Three-Tier Internet Configuration
7. IBM Power 750 Express Configuration, http://www-03.ibm.com/systems/power/hardware/750/configs/8233e8b14a.html, 8233-E8B14 AIX Edition
8. The Dell Online Store, http://configure.us.dell.com/dellstore/config.aspx?oc=bectk3-le&c=us&l=en&s=biz&cs=555&model_id=poweredge-r720xd, PowerEdge R720xd Rack Server
9. Transaction Processing Performance Council (TPC), http://www.tpc.org/tpcc/results/tpcc_results.asp?print=true&OrderBy= SUBMITTED&SortBy=DESC&version=, TPC-C — All Results — Sorted by Date Submitted — Version 5 Results As of 20-Jun-2012 8:17 PM GMT
10. IT Threat Evolution report, Security firm Kaspersky, http://thenextweb.com/microsoft/2012/11/02/microsofts-security-team-is-killing-it-not-one-product-on-kasperskys-top-10-vulnerabilities-list/, Microsoft’s security team is killing it: Not one product on Kaspersky’s top 10 vulnerabilities list
FOLLOW US:
Corepoint Health