Five Open Source Applications to Get You Started

For a small business, flexibility and cost are key factors to bear in mind when considering a network threat management solution.

The network security space has been dominated by big proprietary vendors like Barracuda, SonicWall, and WatchGuard. However, many people simply don't have the time or budget to research all the possible vendors and order, install, and configure a network appliance, so they postpone addressing network security.

Given the cost and inflexibility associated with proprietary vendors, open source solutions may seem like a good option. However, many businesses have traditionally steered clear of open source alternatives, because early projects lacked the commercial support and documentation that they were familiar with. In addition, most people who haven't had experience with open source don't even know where to begin when evaluating if a particular application is appropriate for the business.

As a result of the perceived downsides of both proprietary and open source solutions, many small businesses simply choose to live with insecure networks and don't deploy a proper suite of security applications. However, leaving the network uncontrolled and vulnerable to attacks is obviously not the optimal solution, nor is investing a lot of money in a proprietary solution that may not provide the desired flexibility as the needs of the network evolve and the company grows and changes.

The reality is that open source can provide an excellent solution for small businesses. However, because of the slew of open source options out there, it is important to have both some basic starting information and a system by which to evaluate which projects are appropriate. (It also doesn't hurt to have some patience and a sense of adventure when diving into the sea of available open source projects.) In the spirit of helping to create a jumping-off point for those considering open source, here are five free open source security applications that every small business should evaluate:

1) SpamAssassin
Everyone hates the unsolicited e-mail called spam. The open source SpamAssassin (http://spamassassin.apache.org/) is an extremely effective spam filter that is typically installed on the mail server or relay. For those who already have a mail server in place (even Microsoft Exchange), there are a variety of ways to plug in SpamAssassin. It boasts a large community of users who consistently write new SpamAssassin plug-ins, and a SpamAssassin user inherits all of the benefits and support of this very active community.

However, there are downsides to using it. The installation can be tricky, and the platform lacks some of the features that businesses might want, such as a mail quarantine and blocklist and passlist capabilities, because SpamAssassin's job is only to detect whether or not an e-mail is spam. However, there are ways to set up SpamAssassin to mimic quarantine-like actions, such as moving spam to other mailboxes to achieve some of the same results. The spam detection engine is one of the best, including technology like Bayesian filtering, RBLs, and plug-ins for the Razor database and even optical character recognition (OCR). Because the community is so large and active, there are consistently free updates readily available.

In short, SpamAssassin is a great, low-cost alternative to a proprietary spam filter like Barracuda's appliance, which performs the same functions and adds documentation, support, and a few features that they feel SpamAssassin is missing, including a hefty price tag. If you have time for the installation and don't mind taking some time to poke around the community to answer questions, give SpamAssassin a try.
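The quarantine-like setup mentioned above (moving tagged spam to another mailbox) can be sketched as follows. This is an added example, not code from the article or the SpamAssassin project; the folder names, the "unscanned" folder for mail that carries no verdict, and the sample messages are assumptions made for illustration.

```python
import email
import mailbox
import os
import re
import tempfile

# SpamAssassin only tags mail. A scanned message carries a header such as
#   X-Spam-Status: Yes, score=14.2 required=5.0 tests=BAYES_99,...
# (older releases wrote hits= instead of score=).
STATUS_RE = re.compile(
    r"^(yes|no),\s*(?:score|hits)=(-?\d+(?:\.\d+)?)\s+required=(-?\d+(?:\.\d+)?)",
    re.IGNORECASE,
)

def classify(raw: bytes) -> str:
    """Return the folder a message belongs in, based on the verdict header."""
    status = email.message_from_bytes(raw).get("X-Spam-Status")
    if status is None:
        return "unscanned"  # bypassed the filter: keep it apart from the inbox
    match = STATUS_RE.match(" ".join(str(status).split()))  # unfold wrapped header
    if match is None:
        return "unscanned"  # an unparsable verdict is treated as no verdict
    verdict = match.group(1).lower()
    score, required = float(match.group(2)), float(match.group(3))
    # Quarantine on either signal so a wrong Yes/No word cannot hide a high score.
    return "quarantine" if verdict == "yes" or score >= required else "inbox"

def deliver(raw_messages, root):
    """File each message into <root>/<folder>.mbox; return per-folder counts."""
    counts = {}
    for raw in raw_messages:
        folder = classify(raw)
        box = mailbox.mbox(os.path.join(root, folder + ".mbox"))
        try:
            box.add(raw)
        finally:
            box.close()  # close() flushes the message to disk
        counts[folder] = counts.get(folder, 0) + 1
    return counts

# Constructed sample messages (not real mail).
SAMPLES = [
    b"From: a@example.com\nSubject: invoice\n"
    b"X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00\n\nhello\n",
    b"From: b@example.net\nSubject: WIN NOW\n"
    b"X-Spam-Status: Yes, score=14.2 required=5.0\n\ttests=BAYES_99,RAZOR2_CHECK\n\nbuy\n",
    b"From: c@example.org\nSubject: old tag\n"
    b"X-Spam-Status: Yes, hits=8.0 required=5.0 tests=BAYES_99\n\nbuy\n",
    b"From: d@example.com\nSubject: never scanned\n\nhello\n",
]

def run_demo():
    with tempfile.TemporaryDirectory() as root:
        counts = deliver(SAMPLES, root)
        box = mailbox.mbox(os.path.join(root, "quarantine.mbox"))
        stored = len(box)  # messages actually written to the quarantine file
        box.close()
        return counts, stored

if __name__ == "__main__":
    print(run_demo())
```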

2) ClamAV
ClamAV (www.clamav.net/) is an effective, well-performing virus-scanning engine that can be used in a few different ways. You can treat ClamAV like SpamAssassin and integrate it with a mail server to scan pieces of mail for viruses. You can also install ClamWin (www.clamwin.com/) on every desktop in the company for an extra layer of security. This is similar to using commercial products like Norton Anti-Virus, but ClamWin does not have some of the fancy features. On the plus side, ClamAV, like SpamAssassin, has both the advantage of price (it's free) and of a large community of users submitting signatures, which are often available sooner than they are for any other virus-detection product.

3) L7 Filter
L7 Filter (http://l7-filter.sourceforge.net/) is a module for iptables, the Linux firewall, so it requires a Linux firewall on the network. L7 Filter makes it possible to detect and block an array of protocols that are traditionally difficult to detect and block because they jump around to different ports. Companies that want to block their employees from using AOL Instant Messenger, for example, need to block whatever port AOL IM uses, which theoretically is port 5190 but often shifts to other ports (including the Web port, port 80, which every firewall has open) to ensure a connection. L7 Filter is great for detecting and blocking tougher protocols like Instant Messaging from Yahoo, AOL, and Microsoft, and P2P protocols such as BitTorrent.

Like ClamAV and SpamAssassin, L7 Filter has a user community that develops, maintains, and updates important signatures. Proprietary vendors often have signature lists that try to cover a broad array of topics and are outdated and poorly maintained. Open source projects like L7 Filter, because of their larger communities and their focus on a single aspect of security, tend to have newer and larger signature lists that lead to more effective product use.
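To show why a port rule misses a protocol that moves to port 80 while a payload signature still catches it, here is an added example that is not code from the article or from L7 Filter. The two signatures are simplified patterns written for this illustration (not the project's own pattern files), and the flows are constructed.

```python
import re

# Simplified signatures written for this example. Each one is matched
# against the first bytes a client sends, whatever the destination port.
SIGNATURES = {
    # BitTorrent peer handshake: length byte 19, then the protocol string.
    "bittorrent": re.compile(rb"^\x13BitTorrent protocol"),
    # AIM/OSCAR sign-on: FLAP marker '*', channel 1, 2-byte sequence number,
    # 2-byte length, then protocol version 1.
    "aim": re.compile(rb"^\*\x01.{4}\x00\x00\x00\x01", re.DOTALL),
}

BLOCKED_PORTS = {5190}                      # the port-based rule from the text
BLOCKED_PROTOCOLS = {"aim", "bittorrent"}   # the application-layer policy

def port_filter(flow):
    """Classic firewall rule: decide on the destination port alone."""
    return "DROP" if flow["dport"] in BLOCKED_PORTS else "ACCEPT"

def classify(payload):
    """Return the first signature name that matches, or 'unknown'."""
    for name, pattern in SIGNATURES.items():
        if pattern.search(payload):
            return name
    return "unknown"

def l7_filter(flow):
    """Application-layer rule: decide on what the payload looks like."""
    return "DROP" if classify(flow["payload"]) in BLOCKED_PROTOCOLS else "ACCEPT"

# Constructed flows: the same AIM sign-on sent to its usual port and to port 80.
AIM_SIGNON = b"*\x01\x00\x01\x00\x04\x00\x00\x00\x01"
FLOWS = [
    {"name": "aim-default", "dport": 5190, "payload": AIM_SIGNON},
    {"name": "aim-on-80", "dport": 80, "payload": AIM_SIGNON},
    {"name": "web", "dport": 80,
     "payload": b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"},
    {"name": "torrent", "dport": 6881,
     "payload": b"\x13BitTorrent protocol" + b"\x00" * 8},
]

def compare(flows):
    """Return (flow name, port-rule verdict, layer-7 verdict) for each flow."""
    return [(f["name"], port_filter(f), l7_filter(f)) for f in flows]

if __name__ == "__main__":
    for row in compare(FLOWS):
        print("%-12s port-rule=%-6s l7-rule=%s" % row)
```

The port rule drops only the first flow, while the payload rule drops the relocated AIM session and the BitTorrent handshake and still lets ordinary web traffic through.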

4) Snort
Snort (www.snort.org/) has evolved into an industry standard for intrusion detection and intrusion prevention. The best thing about Snort, aside from its reputation as an effective intrusion detection system, is that the community is so large and active that you can essentially find a proven signature for virtually anything, be it detecting a certain attack or even whether or not someone is, among other nefarious activities, using a protocol that should be blocked or accessing a Website that is deemed inappropriate for the network. These signatures are available free with a 30-day delay from Sourcefire and are professionally maintained. Snort's beauty lies in its flexibility - there are so many proven signatures out there that there are almost limitless options for what it can be used for beyond just intrusion detection.

5) OpenVPN
OpenVPN (http://openvpn.net/) is a great VPN tool for remote access, if you have a lot of users trying to access the network remotely. OpenVPN is similar to other VPN protocols like IPSec and PPTP, but it's much simpler (and is free). There are clients available for Windows, Mac, and Linux, and it avoids issues that commonly plague users of PPTP and IPSec, including problems with NAT. IPSec and PPTP can be tricky to set up in a lot of cases, and they require you to invest time and energy dealing with complex issues like key management. OpenVPN is much less complex, and if you are willing to do research into how to get it up and running, it will be a cost-effective, much more stable VPN than either IPSec or PPTP.

Obviously, open source provides a cost-effective, flexible alternative to proprietary solutions for the network security gateway. These five projects each can be used to perform a vital network security function. However, there is no guarantee that any given open source project is right for your business. It is important to evaluate each project on the basis of several criteria to see if it is appropriate for you to implement and use.

Questions you should ask yourself before implementing any open source project are:
•  What is the installation process like?
•  How good/clear is the documentation? Is it easy to find?
•  How large and active is the user community?
•  Is there someone at your company who is willing to go to the project community for support rather than having a telephone number or a helpline to call?
•  Is there someone in your company who is willing to take some time to find and review online documentation and to figure out the use of the project?

The key for any business of any size thinking of implementing open source is to beware of downsides, know the upsides, and make sure this project is right for you. If there is someone at your company willing to put in a little elbow grease to read the documentation (RTFM), to seek out support, and to go the extra mile to engage with the community, then low-cost, flexible open source solutions can be the best way to secure your network.

More Stories By Dirk Morris

Dirk Morris is the founder and CTO of Untangle, which incorporates more than 30 open source projects into a single open source network gateway platform to stop spam, spyware, viruses, and more.


Most Recent Comments
Jared Ottley's Blog 07/24/07 02:28:18 AM EDT

Trackback Added: Your top 5 Open Source Applications; Dirk Morris, has a post over at SOAWorld, on his top five Open Source applications (slanted of course towards network security, his forte). But it raises an interesting question, what are your top five Open Source applications? What are the ones you c...
