Q

Is open source security software best for my clients?

Learn when it is best to recommend open source security software to your clients as opposed to proprietary security software.

Is it better to recommend to clients open source security software such as Snort, which might have lower upfront costs, or proprietary security software that might have better commercial support?

Open source security software can allow value-added resellers (VARs) to solve a customer's problem with little or no upfront cost for the software. However, there are some very important questions that need to be asked and answered honestly before any open source security solution deployment is considered.

First, keep in mind that "open source" does not necessarily indicate a lack of commercial or community support. Some open source security software developers offer free support while others offer fee-based support – some are flat-fee based and others charge on a per-incident basis.

It is important to thoroughly explore the options available to the customer, as there are companies that provide installation and support for open source security software. In fact, this represents a great opportunity for VARs that have the right expertise.

Second, consider the criticality of the service being provided by the solution. Should an issue arise, there is a big difference in business impact of an in-line firewall or IPS product versus an out-of-band IDS or vulnerability assessment product.

Third, what will the customer do if the licensing model changes and the product is no longer available free of charge, or support/development is halted?

Lastly, consider the platform upon which the open source security solution will be deployed. With the advent of virtualization, the availability of complete virtual appliances and the ability to re-use older hardware are additional compelling reasons to consider open source security software.

Investing in the right portfolio of open source products can be a fantastic way to manage security investments and focus dwindling budget allocations on things that matter most.

For VARs, it's all about managing expectations, risk and budget -- open source or otherwise.

This was first published in December 2007

Dig deeper on Application security and data protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close