Agility, control, customization, affordability

These advantages of open source are sorely needed in the security market

With a healthy, vigorous market in security appliances based on open source components (see related story), why would anyone in a data center go to the trouble of assembling their own? The arguments boil down to agility, control, customization and affordability.

In the world of security, agility means being able to respond quickly to threats and to change policy and products to maintain a secure network. With a packaged solution, responding to a new threat may mean installing a new box. If a company builds its own appliance based on existing tools, it can vary the components and configuration quickly. This may be true even if the company isn't using open source tools. For example, an e-mail security gateway typically has a virus scanner, and while there is a good open source option in ClamAV, a corporate license might make products from Trend Micro, McAfee or Sophos just as good choices. Changing the antivirus engine is easy if a company controls the appliance, but not as easy if it has a packaged solution.

In the data center, control can mean many things, but often control means knowing that if push came to shove, a company could always fix the open source tools itself. In addition, control means knowing that the product will be around for as long as a company wants to use it: Although the security marketplace is active, it has a high churn rate, and today's great product from a small start-up can be tomorrow's dot-com scrap. Also, success can weigh on new products: Vendors are bought; products go on hiatus for a year or are cancelled entirely. Open source code is insurance against that happening, even though developer organizations are just as likely to disappear as commercial vendors.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

With a healthy, vigorous market in security appliances based on open source components (see related story), why would anyone in a data center go to the trouble of assembling their own? The arguments boil down to agility, control, customization and affordability.

In the world of security, agility means being able to respond quickly to threats and to change policy and products to maintain a secure network. With a packaged solution, responding to a new threat may mean installing a new box. If a company builds its own appliance based on existing tools, it can vary the components and configuration quickly. This may be true even if the company isn't using open source tools. For example, an e-mail security gateway typically has a virus scanner, and while there is a good open source option in ClamAV, a corporate license might make products from Trend Micro, McAfee or Sophos just as good choices. Changing the antivirus engine is easy if a company controls the appliance, but not as easy if it has a packaged solution.

In the data center, control can mean many things, but often control means knowing that if push came to shove, a company could always fix the open source tools itself. In addition, control means knowing that the product will be around for as long as a company wants to use it: Although the security marketplace is active, it has a high churn rate, and today's great product from a small start-up can be tomorrow's dot-com scrap. Also, success can weigh on new products: Vendors are bought; products go on hiatus for a year or are cancelled entirely. Open source code is insurance against that happening, even though developer organizations are just as likely to disappear as commercial vendors.

Customization long has been a benefit of open source, and it's just as important in security. If a company's unique security requirements can't be met by off-the-shelf products, it probably can put together what it wants out from open source components. Sometimes customization is more important on the control plane, especially in large data centers. For example, if the data center has a provisioning system that needs to interact with parts of the network's security infrastructure, it's more likely that an open source tool built by the company can be controlled with configuration files and command lines - unlike a commercial product that requires a Java-based GUI for configuration.

Finally, cost is the eternal and obvious argument in favor of open source. A single appliance in a data center may not be much of a budget item, but costs do add up. E-mail security appliances, for example, typically are licensed per user, per function (spam, antivirus and so on), per year. A thousand users multiplied by $30 or so per user, per year: That's a powerful incentive for a company to build its own gateway of open source components. One intrusion-detection system sensor is not worth worrying about, but if a company wants to deploy 100 of them, it can realize significant savings with open source.

< Return to main story: Armed with open source>

Read more about security in Network World's Security section.