Guardent To Sell Snort And Nessus
Cally writes: "An interesting article appeared on the Info-Sec News list the other day about Guardent's new security appliance. Based on Snort, Nessus and IPTables, Guardent are taking the unusual step of trying to sell a product based on Free software into the highly resistant corporate security market. Although Free/Open security software is widely acknowledged to be better than commercial alternatives, it's rarely been trusted in the enterprise - the article points out that, although the NSA use Free software, the need for an expensive government audit prevents the government from saving money and improving security."
OpenBSD has several advantages over Linux for this application:
- More cohesive codebase, tighter integrated security audits. (==more secure foundation to work from)
- Better firewall and nat features, syntax.
- BSD-licensed foundation, so no hassles if you're using it in a product.
- Cooler logo.
;-)
And of course, since the OpenBSD community has a lot of paranoid

Quite frankly, seeing someone selling a security solution based on open source software and finding out the OS isn't OpenBSD is like finding your cousin Larry using an egg beater to polish his car's paint... You know they must have some reason, but damn if it has any obvious logic to it...
(Linux has its own place. I use it a lot for developing and deploying Java applications, also it's a better DB platform than obsd because it has SMP support. Right tool, right job. For security, obsd is the right tool.)
I hope that, if they make a profit using this free software, they give some money back to the developers. I know that Renaud Deraison, one of the Nessus core developers, is tired of seeing derivatives of his product sold by many companies which *never* give anything (bug reports, patches, plugins, money) back.
Hell, free software needs financial *and* technical support from those who use it. Or you won't be able to use it very long.
OpenBSD has a fantastic reputation for security. However, there are several side notes that probably pushed Linux over the top.
1) LIDS. If they're using a 2.4 kernel, they can do LOTS of nice security things, like stripping root of lots of its dangerous abilities. Less danger if root is cracked. I don't know if LIDS is in use, but it probably should be.
2) Your 'better firewall and nat features, syntax' is highly debatable. As someone else pointed out, IPTables stateful inspection is far ahead of either ipfilter or pf. And your syntax comment is nothing more than a personal preference.
3) I don't like this reason much, but 'Linux' is much more widely recognised in the business world than 'OpenBSD'. When you come down to it, you have to be able to market this thing. Is this the way it should be? No. But it is, and we have to deal with it.
Zapman