| |
Product New Features:
Red Flag Server 4.0 Series reflects the Red Flag's
brand-new design of Linux server product in 2002-2003,
it includes many innovations of Red Flag itself. All
new products are all developed in accordance to the
strict operating system standards, as well as the
open operating system standards and protocols. With
large sum of components upgrading (426 packages are
updated, 200 packages are substituted) and the user
interface is re-integrated. Red Flag Server 4.0 Series
possess many new features comparing with Server 3.0
series. From product form to packaging as well
as the certain application positioning, more professional
designs are made for the new products. Below are the
8 major improvements of Server 4 Series:
|
|
 |
Our Notion Of High Performance and Reliable
Computing Environment
With the Linux's entrance
into enterprise applications in 2002, enterprise
and e-government customers begin to impose more
strict requirements on Linux operating system,
especially in its performance and reliability.
Red Flag Server 4.0 reflects our new notion
of these two factors. To improve the performance
of products, Red Flag has applied following
optimization technologies.
| I/O Subsystem Optimizations |
| Asynchronous I/O |
Asynchronous I/O allows a process to submit an I/O request without
waiting for previous I/O to finish, Thus
the I/O waiting time is decreased, and
performance is improved. |
| Bounce Buffer Elimination |
Server 4.0 series have decreased (in many cases totally eliminated)
bounce buffer. Bounce buffer may cause
performance drop and overuse of memory
and bandwidth of I/O intensive applications.
|
| decrease competition for io_request_lock |
Server 4.0 series block device subsystem implements a new and
precise locking mechanism, including offering
separate lock for each block device.
This improvement enables more I/O throughput
for SMP system with multiple I/O controllers
under high data loads. |
| I/O driver optimizations |
With the modifications and enhancements of server hardware I/O
device driver made by our partners (IBM,
Dell, HP/Compaq, EMC, etc.), it shows
that some system bottlenecks are eliminated
based on our testing. |
| Virtual Memory Subsystem Optimizations |
Large Page Size
|
Server 4.0 series support 2MB or 4MB large page size, which makes
some high end applications to run more
efficiently.
|
| 4G-64G memory space |
By allocating SGA and shm system, large applications to use more
than 4GB memory. |
| Process Scheduling Optimizations |
new scheduling algorithm optimized for SMP
|
The new scheduling algorithm removes big task queue lock, realize
the per-CPU task queue and locking mechanism,
which enables parallel task scheduling
for each CPU, and no interlocking happens.
Thus improves the scalability of SMP system. |
| CPU affinity |
Server 4.0 is able to bind process to certain physical CPU, decrease
the overhead of context switching between
difference CPUs.
|
| Advanced Filesystem |
| EXT3 |
EXT3 is the main stream log file system, it is the default file
system of Server 4.0, with full support. |
| JFS |
Journaled File System (JFS) provides journal-based byte-level
file system, this filesystem is developed
for transaction-oriented high performance
system. It has high scalabilility and
robustness, compared with non-log filesystem,
JFS offers fast recover capability. JFS
is fully supported in Server 4.0 (with
management tools). |
| XFS |
XFS is high performance 64-bit file system. Server 4.0 provides
XFS kernel module and related tools (text-based
interface). |
| Reliability |
| high memory PTE patch |
To prevent system crash under high load, by combining Red Flag
HA server with Red Flag load balance server,
it is possible to achieve higher level
of reliability and performance scalability. |
note: features
listed above are only available in Red Flag
Advanced Server 4.0 and DC Server 4.0
|
|
|
 |
Manageability
To increase the manageability of Linux operating
system and lower the cost of system management,
this is one of major improvements of
Red Flag Server 4.0 Series. With the Linux's
entrance into enterprise, more and more system
administrators are switching from Unix and Windows
to Linux platform. Tools are made for both Unix
experts and Windows system administrators and entry-level technicians, the
former can get things done quickly using traditional
methods, while the latter can also get started
easily, this is the main goal of Red Flag Server 4 Series.
 New Network Device Configuration Tool:
GUI-based network device configuration
tool shows all configuration options in an
easy-to-find fashion, it also supports configuration
of multiple network cards.
Hardware Management: Red Flag
Server 4.0 support automatic hardware configuration,
if a new piece of hardware is plugged in,
the system will scan and install the driver
automatically, for most hardware, it is not
necessary to find corresponding drivers by
hand.
Disk Storage Management: Red Flag
Server 4.0 support LVM (Logical Volume Management),
which increase the scalability and management
efficiency of disk subsystem. Sysadm can define
up to 2TB of storage, and adjust the volume
size from 8-32M, its manageability is much
better than the traditional partition method.
Using EVMS enterprise volume management tool,
sysadm can manage disk subsystem more
efficiently under graphical interface.
New GUI-based Server Management Tools:
Red Flag Server 4.0 provides system management
and network service configuration tools, which
cover major server administration tasks. It
aims to eliminate three differences,
that is, differences between hand-editing
configuration files and tool-based configuration;
the difference between Windows administration
and Linux administration; and the difference
between local administration and remote administration.
By using these management tools, both Unix
sysadm and Windows sysadm are able to manage
Red Flag Linux servers easily and efficiently,
and management cost can also be lowered.
|
|
|
 |
Unique Security Enhancement Features
Red Flag Server 4 Series
improve greatly in manageability, availability,
reliability and scalability, and become the
new generation of enterprise network server
platform. To meet the needs of information security
area, Red Flag also has released Red
Flag Advanced Server 4.0 SE, which is based
on all the new improvements of the Server 4 Series, with 6 extra security enhancement features:
User-transparent Fine Grind Encrypted
Filesystem:Using encrypted file system,
it is possible to ensure the safety and privacy
of data. Even if the computer is stolen, one
can not get the encrypted data without the
key. Only with the key made by non-symmetric
encryption algorithm can user access the encrypted
files, directories and disk partitions. Encrypted
filesystem is transparent to user operations,
and only the one who encrypts the file can
decrypt it.
ACL-based Discretionary Access Control: Discretionary access control
means user can determine the file access attributes
of his files himself. For example, user can
let user A read one of his file, while make
user B be able to write this file, and prevent
other users from accessing it. Thus, ACL-based
discretionary access control offers finer
grind access control compared with traditional
Linux operation system file access management,
it is beneficial for security settings of
multi-user system.
Security Domain Confinement: Security
domain confinement is based on the industrial
leading technology of RBAC (Role-based Access
Control), which is enforced by kernel as a
security mechanism. It provides security policy
protection for applications, which means only
the programs in the same security domain are
able to access the sensitive and important
resources in the domain, such as DNS records
or Web server pages. Security domain confinement
is especially useful to keep the integrity
of important system resources and protect
system from attacks like stack overflow. It
is easy to deploy the domain policies by using
the Red Flag
Security Domain Administration Tool,
Kernel Module Restriction: The
operating system kernel is the soul of system.
Normally user space programs will not interfere
with kernel, it is because kernel has some
protecting mechanism to isolate kernel-space
from user-space. However, Linux kernel provides
a special feature called "kernel module",
which makes it easier to enhance kernel functionalities,
this feature is especially useful for device
drivers, which are usually made as kernel
modules to be loaded into kernel dynamically.
Though it makes Linux kernel more powerful
and flexible, if malicious code exists in
kernel module, it may introduce severe security
problem for the system.
Red Flag Advanced Server
4.0 SE provides restriction function for kernel
module, security administrator can forbid
any user from inserting unchecked modules
while the system is running, or specify which
module is allowed to use. Thus Linux kernel
security is enhanced greatly.
Security Audit: Security audit
is essential for collecting legal evidence
and monitoring system security. Red Flag Advanced
Server 4.0 SE provides a kernel-based, detailed,
configurable and complete security access
auditing method, which audits security events
that user cares, including access record of
sensitive resources and any unauthoritative
access attempt. A special role is given by
system to define all these rules for security
audit and review all the recorded audit trail.
System security audit can not be maliciously
turned off, and the auditing records are protected
by the kernel and thus can not be maliciously deleted either.
Auditing records can also be imported into
MySQL database, which makes the data management,
access and query much easier.
Host Port Protection (Firewall):
Host port protection is a basic network
access control method, which can be used as
a local firewall for server or workstation,
though its functionality is very simple, such
firewall can protect the network security
effectively, it can also be used to implement
certain access policy. With GUI-based tools,
sysadm can close ports of all network connections,
and only open the necessary network ports,
then specify the network addresses that are
allowed to access these ports. By combining
these security features, it is able to form
a pretty good server host protect plan, and
protect the host from attacks such as hacker
intrusion, virus, trojan programs, and human
mistakes like security-leak, damage and misoperation.
note:
the security features listed above are only
available in Red Flag Advanced Server 4.0
SE
|
|
|
 |
64-bit Computing Environment Support位
Red Flag Advanced Server
for Itanium2 uses 64-bit Linux 2.4 series kernel,
which offers high performance, high stability,
high security and wide range of hardware support.
Basic components like Glibc、
GCC、XFree86 are all optimized for 64-bit computing,
which enables more performance for applications.
Red Flag Advanced
Server for Itanium2 is compatible with 32-bit
Linux applications, most applications can run
without any modifications, thus customers can
get more high performance, flexibility and investment
protections.
|
|
|
 |
Improvements
Of Installation Process
Red Flag Server 4.0 use
new 2-disk based installation program, give
graphical Chinese installation environment with
blue-color-based background, which is much prettier
and easier than 3 series. Besides that, it also
includes following important new features:
driver disk support
|
Under expert mode, by inserting driver disk, server 4.0 is able
to support more new hardware devices,
drive disk images are downloadable from
Red Flag technical support website. |
network-based installation support
|
User can use NFS to do a rapid installation, ideal for enterprise-wide
deployment. |
hard disk based installation support
|
User can use the installation image stored on hard disk to install
sever 4.0, ideal for enterprise-wide
deployment.
|
Soft Raid support
|
Using software to implement Raid, it is more reliable and cost-effective.
Raid0-Raid5 are all supported. |
| LVM support |
LVM is a flexible disk management mechanism, which increase the
scalability and management efficiency
of disk subsystem. Sysadm can define up
to 2TB of storage, and adjust the volume
size from 8-32M, its manageability is
much better than the traditional partition
method. |
| automatic CD ejection after installation |
Handy for users |
Red Flag Server 4.0 employ
2-disk form of installation, the first disk
installs a basic Linux system, after the installation
of first disk and rebooting, user can continue
with the installation of second disk, which
includes enhanced kernel and many applications.
Series number is required for the second disk
installation. For more detailed installation
instructions, please refer to "Red Flag Server
4.0 Installation Guide".
|
|
|
 |
New Features
Of Interface:
The user interface of
Red Flag Server 4.0 has been improved significantly.
KDE 3.1 offers more pleasing user interface
and more smooth operations compared with KDE
2 (Red Flag 3 series). Benefiting from
the interface research works conducted by Red
Flag, this version brings the look-and-feel,
useability, configurability and Chinese support
of Linux interface to a new level. Considerable
careful works are done to satisfy the user habit.
New features including:
- more Chinese input
method: including ZiGuang, WuBi and easy-to-use
input method management tool;
- better vector fonts,
provide anti-aliasing and superb displaying
effect;
- what-you-see-is-what-you-get
style of graphical monitor configuration tool;
- integrated computer
management interface - control panel;
- new system management tool, easy for both
Windows and Linux sysadms to get started.
- unified clipboard
- enhanced recycle bin
- automatic software installation and management,
by double-clicking on software package file,
software management tool will be fired up
automatically to prepare for installation.
- on-line software upgrading and installation,
which searches the upgrading list posted on
Red Flag website, download and upgrade software
packages.
- web browser mozilla is upgraded from Server
3.0R2's 0.9.3 to 1.3.
|
|
