Guardent To Sell Snort And Nessus
Cally writes: "An interesting article appeared on the Info-Sec News list the other day about Guardent's new security appliance. Based on Snort, Nessus and IPTables, Guardent are taking the unusual step of trying to sell a product based on Free software into the highly resistant corporate security market. Although Free/Open security software is widely acknowledged to be better than commercial alternatives, it's rarely been trusted in the enterprise - the article points out that, although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security."
It may sound weird but an awful lot of companies won't 'buy' free stuff (software especially). They like the security that a bazillion pounds of support contract and software maintenance gives them. The fact that the support I've had on _numerous_ free software projects is far better than you'd expect from a tech support department is irrelevant because there are no _guarantees_. Selling GNU tools as a business model may actually be viable :) Provided you offer 'support' on such things... :)
I've noticed one thing though, in all this endeavor: the more "touchy" the system was, the greater the resistance to change to a better and more reliable open source alternative.
Then I started asking why?
Let me point out some reasons behind this, which of course most of you already know:
- Open source projects don't send out nice brochures telling how great the product is
- Since there is almost no advertising (what?! do you expect square headed managers to read slashdot?! they barely can read! :), there's little info about what a product can and cannot do. Of course, you can always ask that geek down the hall that seems to know them all, but how much can you trust a guy without a social life?
- We don't know if the new open source app will preserve/convert the data from the old app. I wanna be honest and say most of the time open source apps regard themselves as being the only apps out there (scratching someone's itch - ESR might say) and provide few features to import existing data
- But the number one reason behind not accepting open source replacement of sensitive software is the fact that there is no one to blame
The last reason applies to both managers and sysadmins or whomever is in charge of getting things done. Pointing fingers is big business when things go wrong. A commercial app means that you have someone to call almost 24/7, someone to swear at and still be nice (you paid them a shitload of money to do so). If things break, sysadmins can always say: it was that creepy product's fault.
But that is one thing you cannot do to open source. First of all, you paid nothing. The creator lets you use the software because he's a nice guy. If the system crashes, the managers will point fingers at the sysadmin: you're the one going with this solution - you fix it!
Now security is probably one of the most sensitive and touchy parts of an organization. Yes, open source security software works better; yes, it provides you more options; no, it won't send your secret data to either the NSA or the FBI; no, it's not hard to set up or to maintain; and no, Microsoft didn't invent it. But, sometimes it may screw things up. And when that happens, the first question on everybody's minds is:
Whom do we point fingers at?
__________
Don't belong. Never join. Think for yourself. Peace!
Akamai Technologies uses Linux in a BIG way across its network of over 11,000 servers. NASA uses it, JPL, Lawrence Livermore (sp?), and the list goes on. With Linux comes free apps like NetSaint, Snort, iptraf, etc., etc. How does one track the usage of free software when there is no registration/licensing required? One can't, so one may never know to what extent free software has consumed the enterprise unless the companies using it give out real numbers. Many companies don't, and some can't because they just don't keep track of it.
Rohan