os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en/features.sgml
Hiroki Sato 85091d3db7 Merge new www design. 
Submitted by:	Emily Boyd (emilyboyd at emilyboyd dot com)
Sponsored by:	Google Summer of Code 2005
2005-10-04 20:06:58 +00:00

166 lines
7.6 KiB
Text
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" [
<!ENTITY date "$FreeBSD: www/en/features.sgml,v 1.26 2005/07/16 06:26:38 rushani Exp $">
<!ENTITY title "About FreeBSD's Technological Advances">
<!ENTITY % navincludes SYSTEM "includes.navabout.sgml"> %navincludes;
<!ENTITY % includes SYSTEM "includes.sgml"> %includes;
]>
<html>
&header;
<h1>FreeBSD offers many advanced features.</h1>
<p>No matter what the application, you want your system's resources
performing at their full potential. FreeBSD's advanced features
enable you to do just that.</p>
<h2>A complete operating system based on 4.4BSD.</h2>
<p>FreeBSD's distinguished roots derive from the latest <b>BSD</b>
software releases from the Computer Systems Research Group at the
University of California, Berkeley. The book <i>The Design and
Implementation of 4.4BSD Operating System</i>, written by the 4.4BSD
system architects, thus describes much of FreeBSD's core functionality
in detail.</p>
<p>Drawing on the skills and experience of a diverse and world-wide
group of volunteer developers, the FreeBSD Project has worked to
extend the feature set of the 4.4BSD operating system in many ways,
striving constantly to make each new release of the OS more stable,
faster and containing new functionality driven by user requests.</p>
<h2>FreeBSD provides higher performance,
greater compatibility with other operating systems and less system
administration.</h2>
<p>FreeBSD's developers attacked some of the more difficult problems in
operating systems design to give you these advanced features:</p>
<ul>
<li><b>A merged virtual memory and filesystem buffer cache</b>
continuously tunes the amount of memory used for programs and the
disk cache. As a result, programs receive both excellent memory
management and high performance disk access, and the system
administrator is freed from the task of tuning cache sizes.</li>
<li><b>Compatibility modules</b> enable programs for other operating
systems to run on FreeBSD, including programs for Linux, SCO UNIX,
and System V Release 4.</li>
<li><b>Soft Updates</b> allows improved filesystem
performance without sacrificing safety and reliability.
It analyzes meta-data filesystem operations to avoid having
to perform all of those operations synchronously.
Instead, it maintains internal state about pending meta-data
operations and uses this information to cache meta-data,
rewrite meta-data operations to combine subsequent
operations on the same files, and reorder meta-data
operations so that they may be processed more efficiently.
Features such as background filesystem checking and
file system snapshots are built on the consistency
and performance foundations of soft updates.</li>
<li><b>File system snapshots</b>, permitting administrators to take
atomic file system snapshots for backup purposes using the free
space in the file system, as well as facilitating <b>background
fsck</b>, which allows the system to reach multiuser mode without
waiting on file system cleanup operations following power outages.
</li>
<li>Support for <b>IP Security (IPsec)</b> allows improved security in
networks, and support for the next-generation Internet Protocol,
IPv6. The FreeBSD IPsec implementation includes support for a
broad range of <b>accelerated crypto hardware</b>.</li>
<li><b>Out of the box support for IPv6</b> via the KAME IPv6 stack
allows FreeBSD to be seamlessly integrated into next generation
networking environments. FreeBSD even ships with many applications
extended to support IPv6!</li>
<li><b>Multi-threaded SMP architecture</b> capable of executing the
kernel in parallel on multiple processors, and with <b>kernel
preemption</b>, allowing high priority kernel tasks to preempt
other kernel activity, reducing latency. This includes a
<b>multi-threaded network stack</b> and a <b>multi-threaded
virtual memory subsystem</b>. With FreeBSD 6.x, support for a
fully parallel VFS allows the UFS file system to run on multiple
processors simultaneously, permitting load sharing of
CPU-intensive I/O optimization.</li>
<li><b>M:N application threading via pthreads</b> permitting threads
to execute on multiple CPUs in a scaleable manner, mapping many user
threads onto a small number of <b>Kernel Schedulable Entities</b>.
By adopting the <b>Scheduler Activation</b> model, the threading
approach can be adapted to the specific requirements of a broad
range of applications.</li>
<li><b>Netgraph pluggable network stack</b> allows developers to
dynamically and easily extend the network stack through clean
layered network abstractions. Netgraph nodes can implement a broad
range of new network services, including encapsulation, tunneling,
encryption, and performance adaptation. As a result, rapid
prototyping and production deployment of enhanced network services
can be performed far more easily and with fewer bugs.</li>
<li><b>TrustedBSD MAC Framework extensible kernel security</b>,
which allows developers to customize the operating system security
model for specific environments, from creating hardening policies
to deploying mandatory labeled confidentiality of integrity
policies. Sample seucrity policies include <b>Multi-Level
Security (MLS)</b>, and <b>Biba Integrity Protection</b>. Third
party modules include <b>SEBSD</b>, a FLASK-based implementation
of <b>Type Enforcement</b>.</li>
<li><b>GEOM pluggable storage layer</b>, which permits new storage
services to be quickly developed and cleanly integrated into the
FreeBSD storage subsystem. GEOM provides a consistent and
coherent model for discovering and layering storage services,
making it possible to layer services such as RAID and volume
management easily.</li>
<li>FreeBSD's <b>GEOM-Based Disk Encryption (GBDE)</b>, provides
strong cryptographic protection using the GEOM Framework, and can
protect file systems, swap devices, and other use of storage
media.</li>
<li><b>Kernel Queues</b> allow programs to respond more efficiently
to a variety of asynchronous events including file and socket IO,
improving application and system performance.</li>
<li><b>Accept Filters</b> allow connection-intensive applications,
such as web servers, to cleanly push part of their functionality into
the operating system kernel, improving performance.</li>
</ul>
<h2>FreeBSD provides many security features
to protect networks and servers.</h2>
<p>The FreeBSD developers are as concerned about security as they are
about performance and stability. FreeBSD includes kernel support for
<b>stateful IP firewalling</b>, as well as other services, such as
<b>IP proxy gateways</b>, <b>access control lists</b>, <b>mandatory
access control</b>, <b>jail-based virtual hosting</b>, and
<b>cryptographically protected storage</b>. These features can be
used to support highly secure hosting of mutually untrusting
customers or consumers, the strong partitioning of network segments,
and the construction of secure pipelines for information scrubbing
and information flow control.</p>
<p>FreeBSD also includes support for encryption software, secure
shells, Kerberos authentication, "virtual servers" created using
jails, chroot-ing services to restrict application access to the
file system, Secure RPC facilities, and access lists for services
that support TCP wrappers.</p>
&footer;
</body>
</html>
<!--
Local Variables:
mode: sgml
sgml-indent-data: t
sgml-omittag: nil
sgml-always-quote-attributes: t
End:
-->
Reference in a new issue View git blame Copy permalink