What are the consequences if a company has one platform for application development and another for, say, infrastructure operations, like email and print functions? Will two different operating systems give rise to administrative problems?
There are arguments both for and against running heterogeneous networks, but the deciding factor will mostly likely be your budget. With unlimited resources, it would of course make sense to use the "best of breed" hardware and software for each service that you run on your network. For your Web site, for example, you might decide to use an
Apache Web server that runs on a
Linux box, while your users authenticate and access the network via a Microsoft 2003 domain server. Using the most suitable software for each service makes the overall system more robust and reliable. Many application services are designed as multi-tier systems spanning database servers, application servers, Web servers and clients. It is common for different tiers of these services to execute on servers that use different operating systems. If you use application-oriented clusters to host such applications, you can still achieve a unified view of the total application service, while making it more effective and less prone to error.
The main problem with this type of configuration, though, is that it introduces a serious amount of additional administrative overhead. Taking the example of a Linux Web server and a Windows domain, your IT department would need the skills to configure, maintain and support both Linux and Microsoft systems. You would need an increased staff in order to achieve this, obviously adding to your overall IT costs. Running a heterogeneous system will also increase the overall complexity of your network, which in turn increases the risk of errors or inadvertent data security breaches caused by the diverse systems and components.
There are other practical limitations, too. Not all software programs will be available in every OS version, so you may have to run completely different antispyware programs, for example, with each operating system. This further increases your administrative overhead. You mention using a different platform for development than for other infrastructure operations. Your development environment should certainly be kept separate from your day-to-day network operations, but by developing applications on a different platform altogether, you could end up with increased development costs and deployment issues.
More information:
Learn why Web services security should begin at the application level.
Read how hackers can access machines by attacking an operating system.
This was last published in January 2007
Dig Deeper on Application and platform security
Explore the differences between symmetric vs. asymmetric encryption, including how they work and common algorithms, as well as their pros and cons.
Continue Reading
Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware ...
Continue Reading
As bitcoin use increases, so too have the number of cyber attacks on cryptocurrency exchanges and wallets. Learn how to keep bitcoin use secure.
Continue Reading