The open source movement is fertile ground for creating advanced tools and technologies - all at an appealing price. We've scoured the market to find six open source projects that hold promise for your New Data Center architecture. They offer automated provisioning, intrusion detection, grid storage, network-attached storage, messaging for a service-oriented architecture () and secure telephony.
1. Cleversafe Dispersed Storage
Distributed by: Cleversafe
What it is: Grid storage software and a managed service.
What it does:
Backs up data using a public grid over the Internet and managed storage facilities.
Provides data backup by slicing up each data unit (files, for example) and sending the slices to as many as 11 locales.
Increases the chances that attacks or deficiencies in data storage won't compromise enterprise data in its entirety, because information is spread across multiple locations.
What the experts say:
"There are different types of applications that can use this type of storage. However, Cleversafe founders openly admit that the public grid is not yet ready to support transaction-oriented applications, because performance may not meet the requirements of these types of applications. Those wishing to hold off on the public grid experience may opt for an internal storage grid using Cleversafe's grid client and server software," says Illuminata Analyst John Webster, who names Cleversafe as a company to watch among new storage service providers.
What you should know:
First alpha version was released in April 2005; an additional release is likely before March.
Uses information-dispersal algorithms that parse the data being backed up into data slices that are stored separately but can reunite easily.
Protects against data loss if one location goes down, because only a majority of the slices are needed to restore the data, developers say.
An API connects to applications, including open source backup tools BackupPC, Bacula and Amanda.
Integrates with commercial backup solutions, such as Symantec's Veritas BackupExec and NetBackup, and EMC's Legato Networker.
Suitable as spare storage capacity or a backup alternative.
2. FreeNAS
Distributor: FreeNAS: The FreeNAS Server
What it is: Network-attached storage (NAS) software developed using FreeBSD 6 Unix.
What it does:
Lets ordinary PCs act as NAS servers.
Provides NAS services, including file sharing via Common Internet File System, FTP and Network File System.
What the experts say:
"If you're looking for a good-enough NAS system, FreeNAS gets praise from several people," says Analyst Michael Coté at market analysis firm RedMonk. Coté is tracking FreeNAS as it makes its way to official Version 1.0 status, at which point he believes the software will hold real promise for the enterprise. "It supports or is planning on supporting a wide array of protocols, authentication stores and monitoring. Once FreeNAS reaches 1.0 and has been road-tested, it has the real potential to be an open source alternative to commercial NAS providers," he says.
What you should know:
Currently available only as a beta release, although the latest version (0.68) packs such new features as experimental RAID data-storage functions and bug fixes.
Accommodates DeltaCopy open source backup utility software.
Includes no management features, such as SNMP or network alarm monitoring.
No commercial support available.
NASlite is a related commercial project aimed at smaller businesses considering modifying fixed disk drives and turning older PCs into NAS file servers.
3. GNU Telephony
Distributed by: GNU Telephony
What it is: A series of development tools, libraries and programs for creating telephony applications, such as secure VoIP calling.
What it does:
Works with the open source telephony server GNU Bayonne to inject telephony into existing applications.
Introduces secure VoIP calling functions in the real-time protocol (RTP) stack and at the application level through specification protocols XML-Remote Procedure Call and Simple Object Access Protocol.
Lets users manage their own encryption keys and thereby engage in end-to-end encrypted communications.
What the experts say:
"For all intents and purposes, open source VoIP technologies can today do the same thing as proprietary systems. Technologies like GNU Telephony provide innovative tools for building low-cost telecommunications infrastructures, demystifying technologies and fostering waves of technological revolution," says Sascha Meinrath, executive director of the CUWiN Wireless Project, a nonprofit that promotes community-owned networks.
What you should know:
Includes GNU Common C++ framework to support threading, sockets, file access and other custom services.
Future releases will focus on applications for telecenters and new libraries, and on platforms with which enterprises can create and deploy telephony applications.
Interoperates with compliant RTP- and Session Initiation Protocol-based devices, phones or services, though it is not necessary to make the entire infrastructure RTP-compliant.
Several Linux VoIP softphones incorporate GNU's RTP stack, including the Twinkle client.
Works with open source PBXs Asterisk, OpenPBX and FreeSwitch.
Tycho Softworks provides commercial support for Bayonne and GNU Telephony.
4. Mule
Distributor: MuleSource
What it is: An enterprise service bus integration platform that provides messaging without additional "donkey work," that is, manual, repetitive coding.
What it does:
Provides the messaging backbone of an SOA.
Eases introduction of new applications.
Speeds efforts to modernize legacy applications.
Supports more than 30 transports and technologies, such as Enterprise JavaBeans, Java Messaging Service, Java Business Integration, Web services and mainframe applications.
What the experts say:
"The tool seems to strike a nice balance between simplicity and performance - a target that many application infrastructure vendors don't effectively aim for, since they are so intent on sophistication and options over simplicity and raw performance," says Jonathan Eunice, principal IT advisor at Illuminata.
What you should know:
Requires basic Java and XML skills.
Mule 2.0, scheduled for release in the second quarter of 2007, will include internal clustering capabilities, better repository support, patch management and other improvements.
Partner companies wrapping in Mule include open source document-management company Alfresco Software; C24, which offers objects support packs; Hyperic; JasperSoft; and MySQL.
Subscription-based support and related software are available directly from Mule developers.
5. openQRM
Distributor: Qlusters
What it is: Automatic, policy-based provisioning software for physical and virtual servers.
What it does:
Assigns users and applications to specific servers according to defined policies.
Adjusts server loads dynamically in response to actual usage.
Redeploys applications during maintenance and other periods of downtime and provides automatic failover if a server dies.
What the experts say:
"If something happens to our production application or kernel or physical machine, openQRM deprovisions and reboots the node and brings up a spare node using the same image and IP address. Total downtime is three minutes. We are able to react quickly to application issues as they occur," says John Shaw, Tradeware Global's vice president of operations at the Tradeware Global electronic trading solutions company. The New York company has used the open source tool extensively - harnessing openQRM to 15 IBM x336 servers - to help provide connectivity for major financial exchanges in 40 countries.
What you should know:
First release was in January 2006; openQRM 3.1.2 was released Dec. 28, 2006.
Integrates with infrastructure software, including VMware virtualization products, Nagios monitoring solutions and others.
Plug-in capabilities let users add components via Java, PHP and other scripting languages.
Developed by Qlusters, which offers support for openQRM and a managed service called openQRM Enterprise.
6. OSSEC
Distributed by: OSSEC HIDS
What it is: Akin to security-information and event-management products, this host-based intrusion-detection system is used in log analysis, integrity checking and rootkit detection.
What it does:
Monitors file and directory modifications.
Provides accountability by storing authentication information.
Triggers user alerts on failed authentication or questionable user additions.
What the experts say:
"We were able to get a lot of out-of-the-box functionality," says David Bianco, cybersecurity analyst for Thomas Jefferson National Accelerator Facility in Newport News, Va. "OSSEC immediately started parsing our firewall logs and alerting on Internet scans and probes. It's also helping track failed logins, system account changes, IDS alerts and a few other things - all with very little work on our part."
What you should know:
Version 1.0 was released in January.
Log analysis rules are in XML format.
Processes run with privilege separation in chroot jail.
Follows syslog RFC 3164 protocol.
OSSEC offers commercial support.
McAdams is a freelance writer in Vienna, Va. She can be reached at jmtechwriter@aol.com
< Previous story: 10 best products for next-gen network infrastructures | Next story: How to avoid bumps on the road to grid computing >