Features

Directory Services: Big Burdens Face Today's Network Managers

To view the Report card.

Nevertheless, a good directory service will help you build a much more efficient network. Directory services are not frivolous--they are powerful platforms that make administering and using the resources on your network faster, easier, more secure and more cost-effective.

In fact, if you hope to build any semblance of a managed environment these days, you just about have to use some sort of directory service. If not , you're only creating extra work, since you'll have to build and manage your network around the independent "directories" already in use on your network. By using a directory service that integrates your environment into a consistent, uniform platform, you'll still have to build and manage these services--but because you can use a single, shared, networkwide repository, your control goes up and your maintenance goes down.

The effort required to build these directories is by no means trivial, so it's important to choose one that will yield a significant return on your investment and can grow along with your needs. Though many vendors have striven to incorporate valuable directory services within their network operating system, they fall short of this goal simply because none has managed to deliver a satisfactory solution that works with the variety of systems and services found in today's typical heterogeneous networks. Furthermore, network application vendors have been loath to support a specific directo ry service, preferring to provide directory-independent services and management tools.

Fortunately, many NOS vendors have come close to providing a directory-centric interface to the network. Therefore, depending on the exact nature of your environment, you should be able to achieve a level of interoperability that well exceeds your current installation. Four vendors, in particular, have achieved admirable levels of functionality, at least within their own product lines: Novell's Novell Directory Services (NDS); SunSoft's Network Information Service Plus (NIS+); Banyan Systems' StreetTalk; and IBM's Directory and Security Server (DSS) for OS/2 Warp.

To help you fully appreciate the potential value of these services, we put these four products to the fire in our San Mateo, Calif., labs over a three-month period, exploring their various strengths and weaknesses. Although they all held up fairly well in our tests--they came out about ev en, in terms of features and robustness--each displayed distinctive strengths that made it especially appropriate for specific environments, as well as telltale weaknesses that made it a poor choice for others. For example, Novell's NDS proved to be the best directory for companies that need centralized control, while Banyan's StreetTalk is more appropriate for companies with distributed management centers that want to interconnect departmental resources. NIS+ is the best choice for Unix-centric networks, while IBM's Distributed Computing Environment (DCE)-based DSS is the best platform for building cross-organizational, business-to-business, network-centric applications.

The four products exhibited an ability to manage and publish network information within a single database that could be replicated among a variety of different servers within an organization; products unable to provide this basic level of service were excluded from our testing. The latter group includes Microsoft Windows NT Server, which does not provide an integrated database that can be replicated acro ss an organization. (IBM's LAN Server, initially eliminated, later was reinstated as a platform that supports DSS.)

We also excluded products that were pure directories, instead focusing on those that also provide network services. For the majority of networks, a $200,000 super-duper, high-end, Yellow Pages-like directory service that does nothing but advertise resources on other systems is an unlikely purchase. Such products generally appear only in the largest worldwide enterprises, and offer little value to those administrators managing the remaining 99 percent of the world's networks. They're of even less value to users who simply want to print a document without having to query a far-off database of worldwide resources. For our purposes, if the directory service could not be directly integrated into the client environment--supporting immediate and direct file, print and network service access--we excluded it. We set up the directories in our labs and analyzed their strengths and weaknesses.

Choosing a Directory Service

There are four critical areas to examine when choosing a platform on which to build a unified network services directory. First and foremost is flexibility of data types: Does the directory provide tracking mechanisms for the resources on your network? Your directory should be able to track these resources, let you manage them and let users access them without jumping through hoops.

The second conside ration is cross-platform support. How many client systems are supported, using their native network tools and applications? How many platforms does the directory itself run on? If you can provide services to only half your users, or if you can integrate only half your systems, you're not going to get the full extent of the rewards you might have expected.