Slashdot Mirror


Guardent To Sell Snort And Nessus

Cally writes: "An interesting article appeared on the Info-Sec News list the other day about Guardent's new security appliance. Based on Snort, Nessus and IPTables, Guardent are taking the unusual step of trying to sell a product based on Free software into the highly resistant corporate security market. Although Free/Open security software is widely acknowledged to be better than commercial alternatives, it's rarely been trusted in the enterprise - the article points out that, although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security."

1 of 105 comments

  1. No audits for closed source? by alphaque · Score: 4, Interesting
    although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security.

    I find this statement terribly interesting. This implies that opensource software is more heavily audited by the US government than closed source software.

    Does anyone else find this ludicrous?

    One of the basic tenets of opensource software is that its bugs/vulnerabilities are presented for worldwide review. Any holes, trojans or vulnerabilities are caught faster and fixed almost immediately. Eric Raymond's find-fix-release cycle has been pretty much implemented in all active opensource projects. I find it interesting that the government, even if it is the NSA, is suspicious of opensource software, yet will trust the closed source products they buy. Isn't this placing your bets in the wrong basket?

    I won't go into the benefit of using opensource in detail, for it is bound to be flogged like a dead horse in the ensuing /. discussion below, but surely to suggest increased audit spending on opensource is FUD.

    Additionally, it peeves me a little when every time opensource is mentioned, the immediate line is drawn to Linux. I think the existence of other top-notch operating systems such as FreeBSD, NetBSD and OpenBSD should also play a role in government procurement. The mindshare which Linux has managed to garner in this space is eclipsing decision makers away from proper evaluation and just jumping on to the Linux bandwagon.

    After all, one of the basic tenets of opensource is choice. We don't want the lack of choice we have replaced with another lack of choice in operating systems, Linux only.