To all mac lovers – long-time fans and recent converts alike.
Mac on Gov’t Intranets
March 15, 2010 at 2:57 pm #95080
My agency has been PC-only for many years. It seems somebody somewhere got the idea that having Macs on the network would be a security problem. Our IT department is now starting a pilot program for Macs on the network. I’m curious if other government agencies are using Macs on their intranets and what special accomodations they’ve made, how it’s been working, etc…
I have a Mac at work for my video editing, but it is not on the network, which means a lot of running back and forth with external hard drives. :[ If I was on the intranet, that would definitely make file transfers easier, but I’m wondering if it’s worth it for what I’d give up? Right now I have complete control over that Mac. If I need a program, I download it, no asking IT for permission and waiting for them to come and do it for me. Also, I am responsible for R&D on social networking and virtual worlds for use in our training programs and that is the only computer that I can access some of those on.
Basically, I’m just curious about who is using Macs on a comapny intranet and what the benefits and difficulties are. I’ll keep you up to date on our pilot program as it progesses.
March 15, 2010 at 3:24 pm #95109
I am not a government employee, rather, I am the IT Director for a government contractor. We chose to “go Mac” 7 years ago and have not looked back since. With nearly 100 employees, we have never had a virus do any damage, and the computers themselves are extremely reliable. In a previous position I worked with XP and I can tell you keeping ahead of the updates, virus protection, adware protection, spyware protection and all the other junk you have to load on a PC to keep it clean was a massive chore. Working with a Mac infrastructure is simple, and we are running two servers, 80 workstations and a dozen printers. I maintain the entire system myself. I am certain that if we were all Windows we would need at least 2 more help desk personnel. So, while the initial investment is higher, the long-term costs are lower due to all the things I just mentioned.
The downside is software compatibility. While there is tons of software for the Mac, the simple fact is that most business applications are written for Windows. So, your IT policy-makers may immediately discount Macs as a viable option. However, as an example, we use Quickbooks Enterprise for our accounting system. Thanks to the adoption of Intel processors by Apple some years ago, you can now create a separate partition on your mac to run Windows. This is called Boot Camp and works spectacularly. Furthermore, programs like VMWare Fusion and Parallels can be used to run Windows in an OSX window, and give you the ability to drag and drop files across operating systems. So, since Quickbooks is PC-only, we simply installed in into the Windows partition, and drop an icon onto the OSX toolbar. When our accountant needs to access QB, they just run it like any other program. It’s a tad slower, but it works well and this way they don’t need a PC on their desk as well as their Mac.
I can’t say enough good things about them, and if I had my way, they would be much more prevalent. I have yet to encounter an issue that I could not conquer with a little creative thought and research.
I hope this helps!
March 15, 2010 at 3:33 pm #95107
That’s great to hear! I run Parallels on my personal Mac. That might be an option for our agency. I am not directly involved in the pilot program, but am keeping tabs on it, as the outcome will affect my work. I think part of our issue here is that we are still using some VERY outdated programs (IE666 and Outlook Server 2003, among others).
March 15, 2010 at 3:33 pm #95105
March 15, 2010 at 3:35 pm #95103
We have been supporting Macs on our network for a few months now. The introduction of Snow Leopard was the catalyst for us certifying Macs on the network. The key aspects of Snow leopard that enable this are Full Active Directory compatibility (without customized extensions and includes group policy).
We performed a lot of testing and analysis and did not find any security issues. In fact, with Mac’s bitlocker, we eliminated the need to have separate hard disk encryption to protect confidential data.
Remote management is very easy and existing infrastructure management software (LanDesk) supports Macs too.
I have been 100% mac now for atleast 5 months at the office, and havent even fired up my Fusion Virtual windows machine in a month or so.
March 15, 2010 at 3:36 pm #95101
Thanks, I just favorited his website! It looks like it will be useful for a lot of things!
March 15, 2010 at 3:41 pm #95099
That would pose a problem as follows:
1) In order to use Mail.app or Entourage (Microsoft Office of Mac) for email, your folks will either need to be on Exchange 2007 or use web mail only. We were successful in using Entourage with Exchange 2003, but it had lingering issues, disconnect, sync issues, etc. The MS Active Sync support in Exchange 2007 is much better and “production grade”
2) IE only software will always be a problem. We have several (modern) web apps that are designed for IE and are kind kludgy on Firefox and Safari. That is an ongoing nuisance. Most newer versions of Enterprise apps are recognizing these issues and correcting for cross-browser compatibility. In the mean time, we use Fusion/Parallels and use IE6/7/8 as neeed.
3) Depending on the maturity of your network security group, they may frown upon the NAT networking features of Paralles/Fusion. However, both parallels and Fusion can be mandated to use only bridged networks. This would require disabling any port security on the switch if you guys do that, but it is still manageable.
March 15, 2010 at 3:46 pm #95097
Our 3-person (down from 7) Marketing staff has used Macs for about 20 years — we got them when Macs were clearly superior to PCs for design work. We’ve fought to keep them and have been successful, thankfully. We’ve been on the intranet since the agency put one up, with no special accommodations needed, and no security issues. Just the other day I found out about one page created on Interwoven that didn’t show up on the Macs … still investigating why that happened. But other than that, we’ve had no problems that I recall.
March 15, 2010 at 4:53 pm #95095
Thanks, Jean-Paul! I will pass your offer on to my friend who is working on the pilot! I’m sure it will be appreciated.
March 15, 2010 at 6:26 pm #95093
Robert W. AhrensParticipant
I’m the IT tech for Tara’s office, and I am involved in the new Mac pilot. Excited, yes I am, I’ve been warting the IT structure here at FDA for years, and am known as the local “Macaddict”!
Thanks for offering the information. They’ve already done a lot of work, Apple has been working with them for seven or eight months, and now that we’ve got the pilot on a solid footing, organization-wise, and with management solidly on board, I am looking for things to start moving along.
I’ll contact you via email. Mine is [email protected].
March 15, 2010 at 8:23 pm #95090
As motivation, sharing a pic of my sweet Mac setup in DC Gov. We deal with highly sensitive tax and financial data. If they can work in our environment, im sure Macs can work anywhere.
March 15, 2010 at 9:10 pm #95088
Robert W. AhrensParticipant
March 16, 2010 at 2:02 am #95086
Robert invited me to join this discussion, so let me introduce myself. I am the tech lead for the FDA Mac pilot, and Robert has been assimilated (willingly) into the Pilot project. Sounds like you may be a candidate yourself. I’d love to chat with you and Robert together about your needs and how they may be addressed in the pilot. Drop me an Email, I’m in the GAL.
March 16, 2010 at 11:49 am #95084
If you are working with Apple, that’s the best way to go about it…
Good place to start is here – http://www.apple.com/business/solutions/it/
Some folks here are using instadmg to create images for mass deployments:
And we use Centrify for AD and Mac desktop management (as well as Unix systems).
If you want me to pass around your email to the apple system admins group, I can, just let me know.
But best thing probably is to work with your Apple reps directly.
April 12, 2010 at 10:19 pm #95082
I love Mac, Y BCause I use both Mac and Windows on Mac a/c. Say yes for Mac in Federal. I use MacBook Pro for video editing. The Mac Snow Leopard is smooth and cool since it uses UNIX kernel. I can do multitasking in multiple windows. It does Virtualization far much better than PC, so resources are better allocated to my work.
iMac with Leopard server is very affordable, should MacPro be prohibitive in cost to begin investment.
You must be logged in to reply to this topic.