Open source technologies already permeate most data centers, and their influence is spreading. However, data center managers who wouldn't think twice about dropping a new Linux server into a rack feel very differently about building an open source firewall as the main barrier between their own network and the great unwashed. Security remains outside the open-source comfort zone.

See related story on How you're already using open source security

Still, there are four primary arguments in favor of open-source security tools: agility in the face of changing threats, control of one's own destiny with full source code, customization to one's own requirements, and lower cost (see "Agility, control, customization, affordability" ). With that in mind, good examples of freely available security products abound.

Greater agility in mail security

The e-mail security gateway is a perfect example of how open source products can answer the need for agility. The function of this gateway has changed from interoperability between disparate mail systems to security, with protection against spam and viruses - and now phishing protection and compliance requirements - at the top of the list. The gateway landscape continues to change quickly, with commercial products entering or leaving the market rapidly, and requirements changing just as fast. If companies opt for an open source solution - in which they build their own gateway from multiple components - they gain a high degree of agility, even though they also take on a substantial integration effort.

Antispam tool SpamAssassin, probably the poster child for open source security, is powerful enough to be at the core of several commercial products, including the popular Barracuda mail gateway. SpamAssassin is far from data center-ready, however. Companies using it probably will have to create (or adapt existing open source) Web front-end applications and find a framework for scaling across multiple systems. There also is the need for user quarantines for suspect mail, tools to deliver mail, periodic quarantine management, reporting and alerting, and system management. Companies also will have to wrap a message transport agent, such as Postfix, around SpamAssassin to send, queue and receive e-mail. While some open source projects, such as the MailWasher server and Maia Mailguard, have integrated an antispam engine with management tools and quarantine, none has the active and lively development and huge user community that SpamAssassin does.

Whitepapers

• Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
• Selecting Effective Virtual Directories
• A Modern Approach to On-Demand Email and Data Security
• Best Practices for HP Servers and HP Enterprise Virtual Array in a Microsoft Exchange
• Compliance, Protection, Recovery: A Layered Approach to Laptop Security
• Endpoint Security: Data Protection for IT, Freedom for Laptop Users

View more SECURITY whitepapers

Webcasts

• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• Learn how to Keep your Mobile Workforce Connected
• The self-managed network

View more SECURITY special reports