Five Open Source Applications to Get You Started

For a small business, flexibility and cost are key factors to bear in mind when considering a network threat management solution


The network security space has been dominated by big proprietary vendors like Barracuda, SonicWall, and WatchGuard. However, many people simply don't have the time or budget to research all the possible vendors and order, install, and configure a network appliance, so they postpone addressing network security.

Given the cost and inflexibility associated with proprietary vendors, open source solutions may seem like a good option. However, many businesses have traditionally steered clear of open source alternatives, because early projects lacked the commercial support and documentation that they were familiar with. In addition, most people who haven't had experience with open source don't even know where to begin when evaluating if a particular application is appropriate for the business.

As a result of the perceived downsides of both proprietary and open source solutions, many small businesses simply choose to live with insecure networks and don't deploy a proper suite of security applications. However, leaving the network uncontrolled and vulnerable to attacks is obviously not the optimal solution, nor is investing a lot of money in a proprietary solution that may not provide the desired flexibility as the needs of the network evolve and the company grows and changes.

The reality is that open source can provide an excellent solution for small businesses. However, because of the slew of open source options out there, it is important to have both some basic starting information and a system by which to evaluate which projects are appropriate. (It also doesn't hurt to have some patience and a sense of adventure when diving into the sea of available open source projects.) In the spirit of helping to create a jumping-off point for those considering open source, here are five free open source security applications that every small business should evaluate:

1) SpamAssassin
Everyone hates the unsolicited e-mail called spam. The open source SpamAssassin (http://spamassassin.apache.org/) is an extremely effective spam filter that is typically installed on the mail server or relay. For those who already have a mail server in place (even Microsoft Exchange), there are a variety of ways to plug in SpamAssassin. It boasts a large community of users who consistently write new SpamAssassin plug-ins, and a SpamAssassin user inherits all of the benefits and support of this very active community.

There are downsides to using it, however. The installation can be tricky, and the platform lacks some of the features that businesses might want, such as a mail quarantine and blocklist and passlist capabilities, because SpamAssassin's job is only to detect whether or not an e-mail is spam. There are ways to set up SpamAssassin to mimic quarantine-like actions, such as moving spam to other mailboxes, to achieve some of the same results. The spam detection engine is one of the best, including technology like Bayesian filtering, RBLs, and plug-ins for the Razor database and even optical character recognition (OCR). Because the community is so large and active, free updates are consistently and readily available.

In short, SpamAssassin is a great, low-cost alternative to a proprietary spam filter like Barracuda's appliance, which performs the same functions and adds documentation, support, and a few features that they feel SpamAssassin is missing, including a hefty price tag. If you have time for the installation and don't mind taking some time to poke around the community to answer questions, give SpamAssassin a try.
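The quarantine-like setup mentioned above amounts to a delivery step that reads the headers SpamAssassin adds (`X-Spam-Flag`, `X-Spam-Status`) and files each message accordingly. The following is an added example, not code from the article or from the SpamAssassin project; the mailbox names, function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_string

# Score inside X-Spam-Status; older SpamAssassin releases wrote "hits=" instead.
SCORE_RE = re.compile(r"\b(?:score|hits)=(-?\d+(?:\.\d+)?)")

def spam_verdict(raw_message):
    """Return (mailbox, score) for one message, based on SpamAssassin's headers."""
    msg = message_from_string(raw_message)
    flag = (msg.get("X-Spam-Flag") or "").strip().upper()
    status = msg.get("X-Spam-Status")
    if status is None and not flag:
        # No SpamAssassin markup at all: the message bypassed the filter,
        # so it is set aside instead of being treated as clean.
        return "unscanned", None
    status = status or ""
    match = SCORE_RE.search(status)  # also works when the header is folded
    score = float(match.group(1)) if match else None
    is_spam = flag == "YES" or status.strip().lower().startswith("yes")
    return ("quarantine" if is_spam else "inbox"), score

def deliver(raw_messages):
    """File each message's (subject, score) under the mailbox chosen for it."""
    boxes = {"inbox": [], "quarantine": [], "unscanned": []}
    for raw in raw_messages:
        box, score = spam_verdict(raw)
        boxes[box].append((message_from_string(raw)["Subject"], score))
    return boxes

# Constructed sample messages (hypothetical senders and content).
SAMPLES = [
    "From: a@example.com\nSubject: Cheap pills\nX-Spam-Flag: YES\n"
    "X-Spam-Status: Yes, score=17.4 required=5.0\n\ttests=BAYES_99,RAZOR2_CHECK\n"
    "\nbuy now\n",
    "From: b@example.com\nSubject: Invoice\n"
    "X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00\n\nsee attached\n",
    "From: c@example.com\nSubject: Hello\n\nnever passed through the filter\n",
]

if __name__ == "__main__":
    for box, items in deliver(SAMPLES).items():
        print(box, items)
```

Keeping the quarantine as a separate mailbox, not a delete action, lets someone review false positives.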

2) ClamAV
ClamAV (www.clamav.net/) is an effective, well-performing virus-scanning engine that can be used in a few different ways. You can treat ClamAV like SpamAssassin and integrate it with a mail server to scan pieces of mail for viruses. You can also install ClamWin (www.clamwin.com/) on every desktop in the company for an extra layer of security. This is similar to using commercial products like Norton Anti-Virus, but ClamWin does not have some of the fancy features. On the plus side, ClamAV, like SpamAssassin, has both the advantage of price (it's free) and of a large community of users submitting signatures, which are often available sooner than they are for any other virus-detection product.

3) L7 Filter
L7 Filter (http://l7-filter.sourceforge.net/) is a module for iptables, the Linux firewall, so it requires a Linux firewall on the network. L7 Filter makes it possible to detect and block an array of protocols that are traditionally difficult to detect and block because they jump around to different ports. Companies that want to block their employees from using AOL Instant Messenger, for example, need to block whatever port AOL IM uses, which theoretically is port 5190 but often shifts to other ports (including the Web port, port 80, which every firewall has open) to ensure a connection. L7 Filter is great for detecting and blocking tougher protocols like Instant Messaging from Yahoo, AOL, and Microsoft, and P2P protocols such as BitTorrent.

Like ClamAV and SpamAssassin, L7 Filter has a user community that develops, maintains, and updates important signatures. Proprietary vendors often have signature lists that try to cover a broad array of topics and are outdated and poorly maintained. Open source projects like L7 Filter, because of their larger communities and their focus on a single aspect of security, tend to have newer and larger signature lists that lead to more effective product use.
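The difference between a port rule and payload-based classification can be seen by running both over the same flows. The following is an added example, not code from the article or from L7 Filter; the two signatures are simplified patterns written for this illustration (not the project's pattern files), the flows are constructed, and BitTorrent is used as the blocked protocol with its customary 6881-6889 port range.

```python
import re

# Port rule a conventional firewall might carry: BitTorrent's customary ports.
BLOCKED_PORTS = set(range(6881, 6890))

# Simplified payload signatures written for this example.
SIGNATURES = [
    ("bittorrent", re.compile(rb"^\x13BitTorrent protocol")),
    ("http", re.compile(rb"^(?:GET|POST|HEAD) \S+ HTTP/1\.[01]\r\n")),
]
BLOCKED_PROTOCOLS = {"bittorrent"}

def classify_payload(payload):
    """Name the protocol from the first bytes of a connection, ignoring the port."""
    for name, pattern in SIGNATURES:
        if pattern.search(payload):
            return name
    return "unknown"

def port_verdict(dst_port):
    """Decision of a firewall that only looks at the destination port."""
    return "DROP" if dst_port in BLOCKED_PORTS else "ACCEPT"

def payload_verdict(payload):
    """Decision of a filter that looks at what the connection actually carries."""
    return "DROP" if classify_payload(payload) in BLOCKED_PROTOCOLS else "ACCEPT"

# Constructed payloads: a BitTorrent handshake (length byte 19, protocol string,
# 8 reserved bytes, 20-byte info hash, 20-byte peer id) and a plain HTTP request.
HANDSHAKE = b"\x13BitTorrent protocol" + bytes(8) + b"H" * 20 + b"P" * 20
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"

# Constructed flows: (label, destination port, first payload bytes).
FLOWS = [
    ("bt-on-default-port", 6881, HANDSHAKE),
    ("bt-on-port-80", 80, HANDSHAKE),
    ("web-on-port-80", 80, HTTP_GET),
    ("web-on-port-6881", 6881, HTTP_GET),
]

def compare(flows):
    """Map each flow label to (port-based verdict, payload-based verdict)."""
    return {label: (port_verdict(port), payload_verdict(data))
            for label, port, data in flows}

if __name__ == "__main__":
    for label, verdicts in compare(FLOWS).items():
        print(f"{label:20} port={verdicts[0]:6} payload={verdicts[1]}")
```

The port rule both misses the handshake sent to port 80 and drops ordinary web traffic that happens to use port 6881; the payload check gets both right.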

4) Snort
Snort (www.snort.org/) has evolved into an industry standard for intrusion detection and intrusion prevention. The best thing about Snort, aside from its reputation as an effective intrusion detection system, is that the community is so large and active that you can find a proven signature for virtually anything, be it detecting a certain attack or, among other nefarious activities, whether someone is using a protocol that should be blocked or accessing a Website that is deemed inappropriate for the network. These signatures are available free with a 30-day delay from Sourcefire and are professionally maintained. Snort's beauty lies in its flexibility - there are so many proven signatures out there that there are almost limitless options for what it can be used for beyond just intrusion detection.

5) OpenVPN
OpenVPN (http://openvpn.net/) is a great VPN tool for remote access, if you have a lot of users trying to access the network remotely. OpenVPN is similar to other VPN protocols like IPSec and PPTP, but it's much simpler (and is free). There are clients available for Windows, Mac, and Linux, and it avoids issues that commonly plague users of PPTP and IPSec, including problems with NAT. IPSec and PPTP can be tricky to set up in a lot of cases, and they require you to invest time and energy dealing with complex issues like key management. OpenVPN is much less complex, and if you are willing to do research into how to get it up and running, it will be a cost-effective, much more stable VPN than either IPSec or PPTP.

Obviously, open source provides a cost-effective, flexible alternative to proprietary solutions for the network security gateway. These five projects each can be used to perform a vital network security function. However, there is no guarantee that any given open source project is right for your business. It is important to evaluate each project on the basis of several criteria to see if it is appropriate for you to implement and use.

Questions you should ask yourself before implementing any open source project are:
•  What is the installation process like?
•  How good/clear is the documentation? Is it easy to find?
•  How large and active is the user community?
•  Is there someone at your company who is willing to go to the project community for support rather than having a telephone number or a helpline to call?
•  Is there someone in your company who is willing to take some time to find and review online documentation and to figure out the use of the project?

The key for any business of any size thinking of implementing open source is to beware of downsides, know the upsides, and make sure this project is right for you. If there is someone at your company willing to put in a little elbow grease to read the documentation (RTFM), to seek out support, and to go the extra mile to engage with the community, then low-cost, flexible open source solutions can be the best way to secure your network.

More Stories By Dirk Morris

Dirk Morris is the founder and CTO of Untangle, which incorporates more than 30 open source projects into a single open source network gateway platform to stop spam, spyware, viruses, and more.


Most Recent Comments
Jared Ottley's Blog 07/24/07 02:28:18 AM EDT

Trackback Added: Your top 5 Open Source Applications; Dirk Morris, has a post over at SOAWorld, on his top five Open Source applications (slanted of course towards network security, his forte). But it raises an interesting question, what are your top five Open Source applications? What are the ones you c...
