Open source software for perimeter defense - Security

Computer Technology Review, August, 2003 by Elizabeth M. Ferrarini

Proprietary Security Software vs Open Source Security Software

When it comes to selecting security software, you have your choice of either proprietary software or open source software. Commercial software vendors pay developers to write code, which is usually tested by both an internal quality assurance team and by some customers. Customers who buy the software can't damper with the code, thus the proprietary nature of the product. They wait for the company to issue updates or patches to fix problems. Often, customers do a good job of uncovering problems and telling the software vendor. To maintain profitability, most security software vendors strive to become experts in one area of security, such as firewalls, and, in torn, create brand loyalty for the product.

The other type of security software belongs to a generic software class known as open source, non-proprietary and free for the downloading from a website. About 20 years ago, the Open Source Software Foundation set up unofficial guidelines for developers who wanted to write and distribute open source software. Open source software usually begins with a project idea which an experienced Perl or C developer registers with the Open Software Foundation. The developer sets up a website and invites other developers to review the code and contribute code updates. Things get done according to a strict hierarchy of decorum regarding who can contribute, and what gets posted for release.

Professional camaraderie, not financial incentives, among developers becomes the motivation to make contributions to a project. Some projects can have thousands of developers reviewing and testing the code. Participating developers like the challenge of putting the software through it paces, and making changes that enhance the software's overall functionality. To this end, updates get made within days, not months, like with proprietary software. If you download the software for use, you can review the code; but, chances are, you don't have the expertise to change it or to understand it.

Perhaps the most widely used and accepted open source product is the Linux operating systems, the first kernel OS that worked on X.86 hardware. By using this OS, hardware vendors such as Dell don't have to issue licensing fees for Microsoft OS. Another widely used open source software application that runs on Linux includes the Apache Web server. In tact, about 60 percent of all Web servers run Apache, according to Netcraft, a technology consultancy firm.

But what about using open source software for security? In a November 19, 2002 article for Business Week Online, John Pescatore, a security analyst with Gartner Group, said that as a result of Linux, more and more businesses and government agencies are getting comfortable with using Linux. He added that this trend is bleeding over into a lot more open security tools.

You'll find hundreds of open source products in each of the six technology areas mentioned for good perimeter security. For example, when it comes to alarming or intrusion detection, millions of individuals have downloaded Snort. In the Business Week Online article, Infonetics, a networking consultancy, said that Snort is one of the better programs in the $400 million intrusion detection market.