Linux continues to make highly visible inroads into IT infrastructure, with IDC reporting 14 consecutive quarters of double-digit growth in Linux server shipments through the third quarter of last year. Less visible to both IT professionals and casual observers alike is the equally impressive penetration of Linux in a wide range of client devices, from routers to firewalls, from private branch exchanges to voice-over-IP phones, from printers to imaging devices and from thin clients to smart mobile phones.

In earlier embedded applications, end users had no reason to care what sort of software came deployed in devices: systems and peripherals either functioned well or did not, and the embedded operating system and applications that powered them remained out of sight and out of mind. In the past three years, however, underlying Linux and open-source deployment in intelligent IT infrastructure devices has grown to levels equalling or surpassing server-side use. According to Venture Development, 29 per cent of embedded 32- and 64-bit application designs were built using Linux in 2005, with communications being the top application area. This ubiquitous adoption opens new avenues for IT professionals to control and customise formerly fixed-function devices in their fleets, with tangible benefits realisable in performance, security and manageability.

The open-source operating system is everywhere; unlike its proprietary predecessors, it is no longer hidden away deep inside devices.

IT professionals -- from systems administrators to IT directors to CIOs -- can leverage the increasing use of Linux in intelligent devices as part of their strategies for enterprise application and service delivery.

Common protocols

The emergence of standards-based technologies, such as TCP/IP and HTTP, has eased the task of acquiring, integrating, provisioning, deploying and maintaining all classes of devices. Before such protocols, each class of device -- indeed, each device itself -- was likely to use unique and incompatible interfaces, creating complexity for IT professionals and raising costs throughout the life cycle. The introduction of standards-based equipment has contributed greatly to simplifying IT infrastructure, but embedded platform fragmentation -- for example, CPUs, architectures, operating systems -- combined with attempts to "add value" by extending and modifying protocols, preserves inter-device "babble" and complicates IT operations.

Even devices ostensibly built on the same proprietary operating system technology, such as Windows XP or Windows CE, or even devices from the same manufacturer, can exhibit idiosyncrasies that limit interoperability.

The increasing use of Linux across IT greatly reduces incompatibilities among hardware types. Even across Linux distributions and CPU ports, the open-source operating system deploys identical versions of the same TCP/IP stack, leverages the same standard Web browsers and builds on the same file-sharing protocols (NFS [Network File System] and Samba). This continuity makes life easier for systems administrators and other IT staffers. Ditto for comparable command shells, scripting languages, open document formats and the like. And, when and if incompatibilities appear, IT managers don't have to depend on slim documentation or overtaxed, underpowered support lines. They can peruse the underlying code themselves to discover the cause.

Management interfaces

Even if a heterogeneous setup of servers, desktops and dedicated devices works seamlessly, IT teams must still deal with interface issues that affect provisioning, configuration and management. With increasing deployment of underlying Linux, IT managers can choose from a range of common supported management interfaces (HTTP, FTP, SNMP, SSH, Telnet) and expect comparable behaviours from devices that use the same management protocols, especially the Simple Network Management Protocol, under Linux. Moreover, provisioning and management tools from third parties (like OpenCountry) further simplify and unify these chores, both with underlying Linux hosts and even in some cases on other platforms.


IT staff must constantly scramble to keep legacy platforms up to date with patches and service packs designed to meet emerging security threats. While the media is full of news about exploits in Microsoft Windows and Internet Explorer, what most reports fail to capture is the range and diversity of systems under threat and the spiralling effort needed to secure them.

As companies embrace Linux, IT teams find they can trade a proprietary mishmash that relies mostly on obscurity for an open, standards-based platform.

Rather than relying on one large vendor and a multitude of smaller ones for security patches, IT staffers can turn to peer-level support, community resources and their own expertise to address emerging security threats. And, because all implementations of Linux -- from servers to desktops to embedded -- use the same open-source IP stacks, Ipchains firewalls, SSH/SSL, security modules and other mechanisms, administrators can reuse hard-won expertise in one environment across their entire infrastructure.


In both mid-sized and large organisations, IT teams frequently customise operating systems to meet corporate needs and IT goals. It is common to produce "golden master" CDs for Linux installation and provisioning that are based on commercial or free distributions (such as Fedora Core or Ubuntu) that contain only packages and functionality that have been vetted by the IT team as supported and supportable. It is more difficult, technically and from a licensing point of view to perform the same slimming and trimming on proprietary operating system platforms, but it's not impossible.

Linux opens the possibility of comparable or sometimes even greater customisation. For example, many thin-client suppliers offer Linux-based configurations with a wide range of customisation options for security and bandwidth optimisation. Couple these commercial offerings with open-source projects like the Linux Terminal Server Project and PXES, and IT managers can choose between buying dedicated thin-client hardware and recycling existing hardware.

The option of customisation extends to other kinds of devices. Many, but not all Linux-based devices allow varying degrees of customisation, from adding user programs to updating software components to re-flashing the entire system image. GPL-required inclusion of source-code facilitates roll-your-own customisation, but many devices also feature manufacturer- or community-based customisation projects and Web sites. Examples include the Asus, D-Link and Cisco-Linksys wireless storage and routing devices; the Buffalo LinkStation and TeraServer; the Cyclades-TS100 device server; and 3Com's OfficeConnect SecureRouter and OfficeConnect virtual private network, to name a few.

In the case of the Linksys WRT54G (which I have here on my desk), you can turn a simple router/firewall into a powerful security appliance. Distributions and patches exist to add features like Secure Shell, Wonder Shaper, L7 regexp iptables filtering, Frottle, parprouted, BusyBox, custom Dynamic Host Configuration Protocol and dnsmasq, PPTP server, static DHCP address mapping, OSPF routing, external logging, and support for client, ad hoc, access point and WDS wireless modes.

Enterprise application platform

In theory, IT teams tasked with building and rolling out end-to-end enterprise applications can depend upon interoperability among operating systems and middleware across core, edge and client devices. For example, a project might need to pull together legacy Unix-based corporate data stores, Microsoft Windows XP utility and messaging servers, Windows desktop machines of various vintages and fielded client devices running Palm OS and Java, all glued together with a mix of dedicated routers and access equipment based on proprietary platforms like IOS and VxWorks.

In practice, such interoperability, when it does exist, depends on hard-won expertise in platform particulars at each tier and node. This greatly increases the complexity, cost and risk of any end-to-end endeavour. Across diverse platforms, there is no single "glue" paradigm (not even Java). While Web interfaces increasingly dominate the client-to-edge portion, a diverse set of back-end platforms and infrastructure types still presents a hard slog for developers and IT managers.

As Linux spreads across the infrastructure, the dream of building reusable and redeployable applications and middleware edges closer to reality. Today, Linux is a large, even dominant force at the core and edge of the enterprise, ubiquitous in the data centre and in infrastructure, and it's making inroads on the corporate desktop and in phones, handhelds and other clients. As OSDL and community projects continue to close technical gaps and remove barriers to deployment, Linux will increasingly provide a viable platform for business-critical, end-to-end enterprise applications.

Bill Weinberg is senior technology analyst at Open Source Development Labs Inc., a non-profit, vendor-supported organisation that helps companies use Linux.