The time are a changin’ and now the reasons for bringing Intel based Macs into an organization are very compelling. I had an opportunity to get new laptops for some of my network engineers and was initially rebuffed by finance when I suggested MacBook Pros. So I have included here an excerpt of the justification document that I sent to them. Keep in mind that I work at a Fortune 500, so some of the reasoning may not apply.
There have been some questions as to what the appropriate laptop standard for a Network Engineer should be. This brief overview aims to answer questions regarding the benefits the new Intel based Macbook Pro laptops afford us.
OS X provides a unix-based platform, which is the underlying architecture for most network devices. With the release of the new Intel based system it gives one access to not only OS X and Unix based tools, but allows for other operating systems to run natively on the system, including Free BSD and Solaris.
The TCP/IP stack is the component of the operating system that handles the various networking protocols for a computer. Different platforms have different TCP/IP stacks and therefore behave differently to network conditions. Certain network problems will only manifest themselves from a particular operating system’s TCP/IP stack. It is nearly impossible to troubleshoot Mac related network issues without an OS X machine.
For example, a common problem that occurs, but is very difficult to troubleshoot is an MTU problem. Computer’s send data in chunks. Networks are capable of handling chunks of a limited size. If a system attempts to send a chunk that is larger than the size the network can handle it will be discarded. This will be seen in Macs and some Linux and BSD systems and not in Windows systems. This is because Window systems use a smaller default MTU size.
The next generation of Windows, Vista, has a completely rewritten TCP/IP stack which will bring with it novel networking and security problems. The new MacBooks give us the ability to have access to multiple OSes on one box, but multiple versions of OSes through Apple’s Boot camp and Virtual Machine platforms from Parallels and VMWare.
Because the Macbooks can run multiple operating systems simultaneously it allows one to test and diagnose problems rapidly across implementations.
Tweaking the TCP/IP Stack
In order to diagnose network problems and to test implementations one needs to be able to tweak the behavior of the TCP/IP stack. Because OS X is a unix based system it allows one to easily do a great deal of customization to how the system behaves and how packets are generated.
OS X is built upon a BSD/Mach kernel which has advanced firewalling functionality. This not only allows one to troubleshoot in infected networks without risk of compromising one’s machine. Because it is not Windows based it is not vulnerable to most of the virus problems we see on the network.
This advanced firewall capability also allows one to use it for more elaborate functions. One can use it to simulate different network environments. You can, for example, have it randomly drop packets, or create delays to simulate over-utilized or high latency networks. One can also use it to apply Quality of Service and traffic shaping to network traffic to test things like VoIP, IPT and Video.
OS X comes standard with network diagnostic tools like tcpdump, which can capture packets over high volume networks. It has been our experience that the packet capture applications available on Windows have proven not to be able to perform at the level necessary to do a capture on a network with the volume of traffic that we experience.
Networking and security applications
Because OS X is a unix based system most of the major network and security tools are available to it. These include Nessus, Ntop, ethereal, tcpdump, etherape, ettercap, snort, hping, gnupg etc. Additionally, through the use of virtual machines Honeypots can be set up to capture traffic from infected machines.
Because the Macbooks now have an Intel based architecture one can take advantage of the Live CD security distributions that are complete security environments that can be booted on a virtual machine from CD.
We frequently need to test applications cross platform to understand how they are going to perform. These include the Cisco and Nortel VPN clients, Softphones for IPT applications, SIP phones and video conferencing applications. Because of the ability to run so many different operating systems, it is a very effective testing platform.
The Macbook Pro represents the ideal platform for network applications, because it provides an intuitive and powerful primary OS that has native access to all of the Microsoft Office suite of applications, while at the same providing the low level functionality to manipulate the networking components. Additionally, it is unique in its ability to run so many OSes natively, many of which provide critical networking and security applications.