(This page uses style sheets.)
The current de facto standard is Office which includes Word, Excel, PowerPoint and Outlook together with their associated file formats: *.doc, *.xls and *.ppt. These formats are not open, and change from one version of Office to another. Even Microsoft's own products cannot guarantee the ability to read and write a file with 100% accuracy unless the files was created with the same version of their product.
OSS applications are now able to read these formats with enough accuracy that any problems encountered are not dissimilar from those found in using different versions of Microsoft's own products. The older the format, the better the OSS applications are at dealing with it. OSS applications tend to be better at reading files in Microsoft's formats than writing files in those formats. In general the OSS applications can therefore be used with confidence. For example, Ximian, with their latest desktop product, have set the default file formats in their version of OpenOffice.org to be Microsoft's.
The exception is where some sort of collaborative working is required and at least one of the parties insists on using a proprietary format. The reading, alteration and re-writing of files in these formats can introduce anomalies which the use of a single proprietary application would not. However it must be borne in mind that this sort of corruption can also occur if different versions of the proprietary software is used.
For files that are only intended to be read and not updated, then PDF format should be used as discussed in Chapter 7.3 above.
Some may feel that the user interface should be as similar as possible to the Microsoft's software to minimise re-training costs.
Templates and Visual Basic (VB) macros are common in many Administrations. These are similarly in a closed proprietary format and will need to be re-written.
There are three OSS office suites, OpenOffice.org, KOffice and Gnome Office, all of which should be considered.
A pilot study comparing the various OSS office suites' ability to handle Microsoft Office files is available on the web:
http://www.acmqueue.com/modules.php?name=Content&pa=showpage&pid=55
OpenOffice.org is an OSS office suite based on StarOffice, which was produced by a German company called StarDivision. Sun Microsystems purchased StarDivision and contributed the code to the OSS community. It continues to market a version of OpenOffice.org, still called StarOffice, which it sells at a much lower price than comparable proprietary packages.
StarOffice and OpenOffice.org are essentially identical except that:
Sun Microsystems provides commercial support for StarOffice.
StarOffice has an inbuilt database system (Adabas).
StarOffice has some extra filters for migration to/from other office packages (however the Wordperfect filter is not available on GNU/Linux for licensing reasons).
StarOffice has some proprietary fonts.
StarOffice is only available in a rather more restricted set of languages (Dutch, French, Italian, English, German, Spanish and Swedish).
OpenOffice.org is updated more frequently than StarOffice.
Both applications are comparable with Office but do not include an email client. Both handle most Office files up to and including Office XP, although compatibility gets progressively worse with Office versions later than Office 97. They do not handle files that are password protected (except sheet level protection in spreadsheets) and have some problems with OLE linked graphic objects.
They have their own implementation of Basic and cannot handle Visual Basic macros, which must be translated by hand. Although the translation is a migration cost, the lack of macro support stops macro viruses being transmitted. Sun Microsystems are setting up links with companies to translate Microsoft's macros and templates to a form compatible with StarOffice.
They also offer a Java interface, but currently only recognise the Sun Microsystems JDK. Sun Microsystems have announced a project to develop a Visual Basic for Applications (VBA) to Java translator.
The downloadable version of OpenOffice.org only contains a few dictionaries but dictionaries are available for most European languages. Pre-built versions exist already for 25 different languages.
Although OpenOffice.org does not currently offer a database package, it does have ODBC and JDBC interfaces to many common database systems including the popular OSS ones. Also there are no conversion filters for Wordperfect, but this is planned for a future release.
Both run on a range of operating systems including Windows and GNU/Linux.
Reviewers are starting to rate OpenOffice.org for both functionality and stability – see:
http://www.raycomm.com/techwhirl/magazine/technical/openofficewriter.html
The following site provides a good OpenOffice.org manual:
http://www.taming-openoffice-org.com/
This is the office component of the KDE desktop. It is an integrated package providing word processing, spreadsheet, charting, presentation, illustration, report generation and flow charting tools with an optional desktop called Workspace.
The Microsoft file filters are not as good as the ones provided by OpenOffice.org. It does not have a macro language, but scripting is available.
Koffice works well and has a nice intuitive interface.
This is a collection of programs that are written to the Gnome standards and thus can integrate with one another, have a similar user interface and should be able to embed one another.
OpenOffice.org is now considered part of Gnome Office, even though it does not adhere to the Gnome standards. Ximian, in particular, are working to make OpenOffice.org more compatible with Gnome and have included their own version in their latest desktop product, XD2. See http://www.gnome.org/gnome-office/ for more details.
Gnome Office has many components including AbiWord (wordprocessing), Gnumeric (spreadsheet), Sodipodi and Sketch (vector graphics drawing), Gimp (image editing), Eye of Gnome (image display), Dia (vector graphics, similar to Visio) and Agnubis (presentation graphics).
These components are at varying degrees of usability; for instance Abiword is very good at basic wordprocessing but has problems with tables, and Agnubis is very limited, whereas Gnumeric is a very capable spreadsheet. Development work on nearly all the components is still very active.
Gnumeric in particular have the goal of developing a spreadsheet which can do everything Excel can, and a great deal else as well. The latest beta test release of Gnumeric (1.1.20 at the time of writing) supports all of the worksheet functions of the US version of Excel, and a production release including this level of functionality is expected in September 2003. The developers come from a financial background and they have included a number of features which make Gnumeric particularly useful for financial applications. It is in this area that they believe Gnumeric excels over Excel.
Gnumeric uses *.xls as its native file format, while OpenOffice.org converts spreadsheets to an XML-based format.
The range of products available is interesting and, together with OpenOffice.org, provide a number of different solutions. However if an integrated suite is required then currently OpenOffice.org is the only real solution.
Mail is a complex area with several logical components, and has a wealth of OSS applications some of which provide overlapping functionality. It is also closely linked with other issues including virus and spam (“junk email”) control.
The choice of appropriate applications is complex, and a detailed discussion of the issues is included in Appendix C together with a definition of all the terms used here.
The major OSS MTAs are Sendmail, Exim, Courier-MTA and Postfix. There are many others but these are regarded as the main ones for large scale use.
Traditionally Unix and OSS sites have used Sendmail as their MTA. Unfortunately it has had a poor security record and is also notoriously difficult to configure.
All the others have good reputations and at a technical level there is little to chose between them. However, there is a significant difference in the standard of documentation available, with Postfix being better documented at the beginner level and Exim at the expert level.
Exim and Postfix are included in some OSS distributions but may not be the default.
Courier-MTA comes as part of a family with a MTA, MDA (Mail Delivery Agent), MAA and webmail package (sqwebmail) available. Each part can be used on its own, or integrated with the rest of the family.
Qmail is an MTA which is often mistaken for OSS. Although source code is available, it has a copyright licence which allows only the distribution of versions exactly identical to those distributed by its author; it is therefore proprietary software. Its restrictive license makes it extremely difficult for OSS distribution vendors to support it or to integrate it with their other software, and they therefore do not distribute it. However, it has a good security record and is widely used.
Another interesting product is the Apache James mail server. This is intended to be a fully fledged MTA written in Java. It lacks some features at the moment but is worth keeping an eye on for the future.
The reference choice is Exim. This because it is as capable as Sendmail, while being easier to configure and probably more secure. The other two are perhaps less able to deal with large volumes of messages. The choice is not clear cut and Administrators should really make their own decision based on local requirements.
Most Administrations would want clients to use centralised mail storage rather than downloading messages to local storage on the desktop client. For this reason we strongly recommend the use of IMAP.
There are three well-known OSS IMAP servers; UW-IMAP (sometimes just called IMAP), Courier-IMAP and Cyrus.
UW-IMAP has a poor security history and we do not recommend it.
Of the other two, Courier-IMAP is widely considered to be the easier to configure. It has a smaller footprint and works well with Postfix and Courier-MTA. It is the MAA part of the Courier family. It requires maildir as the mail storage format. It is reputed to have difficulty handling some S/MIME messages, moving headers around in a way that invalidates the signature.
Cyrus uses its own mail storage format that is similar to maildir and requires its own MDA to populate the mailstore.
Both Courier-IMAP and Cyrus support TLS (a standard authentication and privacy protocol).
There are a number of MDAs, for instance procmail, Courier's maildrop which comes as part of the Courier family and Cyrus' deliver. The MDAs also have the ability to filter mail according to sophisticated rules which is useful if the MUA used does not have filtering facilities.
The reference choice was Courier-IMAP with no MDA. An MDA is not needed, because Exim is capable of writing directly to maildir structures and Evolution has its own very capable filters.
There are a large number of text-based and GUI MUAs available in the OSS field.
For those who are used to Outlook or Outlook Express and want to have something similar, the obvious choice is Evolution. Evolution is not only a mail client but also a Personal Information Manager (PIM). It has LDAP integration and can therefore access Administration name and address data as long as it is held in Evolution's own schema. It is being very actively developed by Ximian as their flagship product. Ximian make a product called Connector which allows Evolution to connect to Exchange (but not version 5.5). Connector is proprietary and has a licence fee.
Evolution unfortunately doesn't fully support disconnected mode IMAP. It only copies certain mail to the client rather than all. However it does have a very good feature called “virtual folders” which allows the user to define rules for viewing their mail in many different ways without actually having multiple copies of the mail.
Alternative MUAs are kmail and sylpheed. Both are very good and integrate with major OSS desktop environments. Kmail would be used if KDE is the desktop, while sylpheed would be used if Gnome is the desktop.
Evolution supports GPG but not S/MIME although it is expected to do so soon.
Mozilla supports S/MIME but not GPG or PGP although it will do soon.
Kmail supports S/MIME, GPG and PGP as part of the Ägypten project funded by the German Government.
Many groupware packages also include IMAP and POP3 compatible clients. In general they are not as good as Evolution, but may be sufficient if they integrate well with the other groupware functions.
In some cases it may be best to migrate certain categories of mail user to a web-based user interface. SquirrelMail is a particularly good one, which can be found at http://www.squirrelmail.org/.
The Open Systems Applications Foundation produce a product called Chandler which is in its infancy but is worth monitoring for the future. It is a potential competitor for Evolution.
Since the majority of users will probably require a Microsoft Outlook look-alike, Evolution is likely to be the preferred choice, and it is the reference choice. However if S/MIME is required immediately then Kmail must be used which may mean using KDE instead of Gnome.
If OSS systems are correctly configured then viruses have limited effect. However there is the problem of passing viruses on to sites that run other operating systems, including Microsoft's products in particular.
There is one OSS anti-virus product, ClamAV, but it has some problems. Therefore fully supported proprietary products are recommended as present.
The best way to run such products is as part of the MTA. Both Postfix and Exim provide means of incorporating such filters.
There is a choice of proprietary products. Sophos, RAV and Vexira all have good reputations. Trend is good at virus checking but must be run with super user access, which makes it a greater potential security problem should it be compromised.
No choice is made for the reference model as netproject have been unable to fully test the products.
There are a number of anti-spam tools and tools that prevent executable attachments being downloaded with email.
SpamAssassin is probably the best known of the message analysis anti-spam tools.
Anomy Sanitizer is a configurable tool capable of removing attachments from messages. It is configurable, but needs to be used with caution since the removal may invalidate the signature of a signed document.
MailScanner is a general framework for content checking, including anti-virus and anti-spam measures. It can invoke one or more proprietary anti-virus products on email messages and can also use SpamAssassin, as well as applying its own rules.
Fetchmail collects email from a remote mailstore and either stores it or passes it to another MTA. Because it pulls mail onto a machine (i.e., the transfer is initiated by the receiving party) it is useful where, for security reasons, Administrators do not want to open a port on their Internet gateway machine to allow email to be pushed to them (where the sender initiates the transfer) as would happen with the normal SMTP model.
OfflineImap is a tool which allows a mailstore on a central server to be synchronised with a mailstore on a client. This is done by the client connecting to the server using IMAP on a regular basis. The local structure is maildir. This can be very useful to allow disconnected mode IMAP to be emulated if the MUA doesn't fully support it.
Whoson allows the POP-before-SMTP method of authentication of remote users. The use of this is necessary if users are to be able to send email through the Administration's servers remotely if authenticated SMTP is unavailable and the Administration's MTA is open to connections from IP addresses outside its trusted range.
Storing data in an LDAP server requires a schema to be chosen. The schema must be compatible with all the clients which may require to access the data. Fortunately some packages come with a schema that not only supports their needs but also the needs of several other packages as well.
Courier-IMAP comes with a schema but Exim does not. The Courier schema was found to support Exim as well. We do not know if it supports all the capabilities of Exim.
Some problems were discovered with the LDAP configuration file for Courier. Fixes have been fed back to the developer but have not yet been included in a release.
Using Courier with Whoson requires some patches to Courier. Some were available on the Whoson site, but were rather old and needed significant updates to work with the selected version of Courier.
Calendaring is an ill-defined subject within OSS. This is due to the absence of open standards for communication between the clients and the central server. Hence the products developed so far use web-based delivery and this may not provide the look and feel that people have become used to with Exchange and Outlook. This area is a significant weakness in the OSS portfolio.
Products listed in the table overleaf can be assumed to use web-based delivery unless stated otherwise. All of them are part of groupware suites which have a wide variety of other features.
Most of the groupware products are written in PHP or Perl, and can therefore be customised. Some interesting integration of facilities has been built into these products.
phpGroupWare (http://www.phpgroupware.org/) has a good reputation.
Groupware Product Details
|
|
|
Calendaring |
Document Mgmt |
Chat |
Task List |
Contact Mgmt |
Database |
Time Sheet |
Scheduling |
Other facilities |
Remarks |
|
NullLogic |
Y |
Y |
Y |
[1] |
Y |
|
Y |
|
|
|
|
|
Twiki |
|
Y |
Y |
Y |
|
|
Y |
|
|
|
More of a framework than a product. |
|
phpGroupWare |
Y |
Y |
Y |
|
Y |
Y |
Y |
|
Y |
|
Difficult to find precise information from the web site |
|
phProject |
Y |
A, B |
Y |
|
[2] |
Y |
|
Y |
|
Project Management, Bookmarks, Reminder, Search System, voting system, request tracker |
|
|
Tutos |
Y |
B |
Y |
|
|
Y |
|
Y |
|
|
|
|
Twiggi |
Y |
Y |
|
|
[2] |
Y |
|
|
Y |
To Do, Bookmarks |
|
NOTES
1 Standard IM plus forum (BBS)
2 Short “sticky note” type functionality
A Timesheet recording; Request Tracking, a form of workflow management; “ToDo” list; Dynamic Projects
B Resources (e.g. meeting rooms, overhead projectors) and Event recording (forthcoming as well as past)
The horde is a framework for running other applications. For instance, Imp, a web mail server, Turba, a contact manager, and Kronolith, a calendar. See http://www.horde.org/.
NullLogic appears only to offer English language interfaces but phProject, Tutos, Twiggi and Twiki all support a range of languages.
A very recent OSS product is OpenGroupware from http://www.opengroupware.org/. This is the formerly proprietary application SKYRiX which has been made OSS by its owners. This is intended to be an Exchange substitute. There has been no time to fully investigate it yet but initial indications are that it will become very influential.
Another recent product is Kroupware (See http://kolab.kroupware.org/). This product has a client based on Kmail is worth investigation particularly if KDE is chosen as the user interface or Kmail is chosen as the MUA to support S/MIME.
All the products have the ability to maintain personal calendars and to-do lists unless stated otherwise.
Tutos, Twiggi and NullLogic all support group calendars. Tutos is controllable in levels ranging from individual, through work group and project group to everyone.
In NullLogic, calendars cannot be kept private from other members of the group, but tasks can.
Many of the products incorporate resource scheduling features which can be used to plan meetings.
Tutos allows for automatic allocation of people, together with automatic email notification to those who are not on the shared calendar (such as those in other organisations). It keeps track of acceptances and will send reminders via email if required. phProject is similar, and will handle SMS text notifications as well.
NullLogic supports all the above features, except for room allocation.
phProject has an add-on that synchronises with PalmOS-based PDAs. PDA synchronisation is also supported as part of Gnome and Evolution. Most popular PDAs can be synchronised.
The main OSS browsers are Mozilla, Galeon and Konqueror. There are others such as Lynx which is text only, and often used as the basis for browsers for people with disabilities, and Mozilla Firebird (formerly known as Phoenix), a light weight variant of Mozilla. There is also a proprietary browser, Opera, which has a version which works on GNU/Linux. Netscape is based on Mozilla and runs on OSS platforms, but includes some proprietary code.
Mozilla is the major OSS project based on code released by Netscape, and is the basis for Netscape 7. It contains mail and news components together with an address book and a web authoring tool. Much of the Mozilla code is used by other projects including Galeon and OpenOffice.org.
Galeon is a browser only and is designed to be small and fast. It is based on Gecko, the rendering engine upon which the Mozilla project is based, together with a Gnome user interface.
Both Galeon and Mozilla support all web-related open Internet standards and can execute properly-written Java and Javascript.
Some content requires a plugin that is only available for Windows, such as Shockwave Director. The proprietary CodeWeavers CrossOver Plugin product allows plugins that work under Windows to run under GNU/Linux.
Konqueror is the web browser written for the KDE desktop and is also used as a drag-and-drop file manager. It is based on the KHTML rendering engine, with the Mozilla Gecko one as an option, together with a KDE user interface.
The most popular OSS web server is Apache, which, according to the Netcraft survey (http://www.netcraft.com/) has over 60% of the market and its share is growing. An increasingly popular combination of products goes under the name LAMP: Linux, Apache, MySQL and PHP. This provides a framework for web sites accessing SQL databases via the PHP language. All the components are OSS.
The Apache project contains a number of sub-projects, one of which is called Jakarta and covers the server-side use of Java. Jakarta itself consists of sub-projects, two of which are Tomcat and Slide. Tomcat provides a product for Java servlets conforming to the JSP standard, and the ability to use technologies such as IBM's Websphere. Slide is a Java-based implementation of WebDAV allowing content management. See http://www.apache.org/ for full details.
Other OSS servers worth considering are Zope and Tux.
Zope (http://www.zope.org/) is designed to provide dynamic web content support and is based on an object-oriented model. It is an interesting package, as it combines a content management system with a web server and a template system in one package. Zope also supports modular add-ons (called products) and is based on the object-oriented Python language. It is common to find Zope deployed “behind” Apache in a multi-server configuration, where Apache serves static content and acts as a cache-based accelerator for the parts of the site managed by Zope.
Tux is a Red Hat development now called The Red Hat Content Accelerator. It uses a special kernel and is supposed to provide very fast response for static pages.
Roxen is another combination web server and content management system, although for full management functionality it is necessary to buy proprietary add-ons.
Of these, Apache is by far the most popular. It currently runs 63% of the world's public websites and is gaining market share from IIS steadily, so there is plenty of experience to draw on when planning a migration. Apache is a modular server, with a core protocol engine and a large selection of modules for specific purposes.
Zope, together with other OSS components, are part of a EU funded project called ASWAD http://www.aswad-project.org/ which is designed to provide content management. netproject had hoped to be able to assess this project but have had difficulty obtaining up-to-date details. An interesting project based on Zope is Plone (http://www.plone.org/).
JBoss (http://www.jboss.org/) is a Java-based application server is. It has a good reputation and is actively developed.
There are now many OSS content management products, as a visit to http://www.oscom.org/matrix/index.html will show. netproject could not find any detailed information in the published case studies and were unable to investigate these in the detail needed to choose a Reference Model candidate.
Document Management can, and perhaps should, be thought of as a form of content and workflow management. This is the sort of thing that ASWAD (see 11.4.3 above) is intended to cover. netproject would therefore recommend that a solution based on the available content management solutions is adopted. In particular, those using WebDAV might provide the most useful solutions.
A German standard called DOMEA (Disposition and Archiving of Electronic Records) which isn't widely used outside of Germany has been adopted by IBM in conjunction with SAP. Most of the documents relating to DOMEA (in particular, those found by a Google search) are written in German. There is a company called FabSoft which provides support for DOMEA on GNU/Linux on IBM mainframes. There appears to be no OSS product which supports DOMEA.
Some of the groupware products provide support for document management:
Tutos includes a document management system that has version management as well.
NullLogic includes a simple capability to store, index and download files. It does not seem to offer a change management system. It has a generalised query mechanism that could be set up to offer sensible indexing.
This function can be implemented ad-hoc by simply exchanging documents between people. Exchange can be by email attachment or by mechanisms such as those used by CIRCA.
Collaboration requires parties to agree on the format of the document, and currently many people use Microsoft's *.doc by default. This default means the parties have to trust each other, because such formats can be efficient carriers of viruses. Also, as a standard, *.doc is not ideal because it is constantly changing; the format as used by Office 2000 is not identical to that used by Office 97. This means that the parties also have to agree on which software version to use.
There is pressure to adopt standards-based document formats, in particular ones based on XML. OpenOffice.org provides an open XML-based document standard which could be used as a basis for collaboration.
A more structured approach would be to adopt a content management/workflow solution as described above.
The Tutos groupware product allows documents to be subject to the control of just one person or by all within a defined group. NullLogic and Twiki also have refined controls.
As for content management above, there is no Reference Model candidate.
The OSS database systems available include MySQL, PostgreSQL and Firebird. They have significantly different characteristics and applicability.
MySQL is a lightweight SQL database favoured for web servers and similar applications. It is appropriate in situations where reading predominates over writing. It does not support database procedures or complex sub-queries. Support for database procedures is planned for version 5.
PostgreSQL is a full-featured DBMS comparable with Oracle and DB2, but without the more advanced features needed to handle very large volumes of data.
Firebird is a version of Borland's Interbase database released under an OSS licence. Much of the code is common with Interbase and as such it must be regarded as mature. There is a project to add a database capability to OpenOffice.org using Firebird, but this is in its early stages.
Ad hoc personal databases are not well supported in OSS. There is no direct equivalent to Access, nor is one being developed.
Several of the groupware packages do offer some capability in this area using a variety of OSS SQL databases as a back-end. In some cases (such as NullLogic) ordinary users can only use pre-defined queries. Some offer the ability to define forms that can be used to store and access data.
Most DBMS products support direct APIs with C language bindings. Some also support C++ natively.
All offer ODBC and JDBC connectivity. Some also offer .NET connectivity.
There is a product called Unix-ODBC which provides ODBC-like connectivity to Unix and GNU/Linux programs.
Database performance is heavily dependent on the size of tables involved and the complexity of queries.
None of the OSS offerings would be able to cope with the demands that proprietary databases such as Oracle can. This is especially so in applications such as data warehousing, partly because none of them yet have the ability to provide a distributed database capability.
The proprietary products Oracle, DB2, Ingres, Informix, Progress, Mimer and Sybase are available to run on GNU/Linux and could be considered the preferred options for heavy database applications where the OSS products are not yet suitable. The Oracle development tools are supported on GNU/Linux.