19 September 2002
Security software buyers are increasingly demanding consolidated products that combine multiple functions in one package or appliance, according to IDC analyst Chris Christiansen.
And they are willing to turn to open source software, if necessary, in order to get the protection they need at a price they can afford. Christiansen was speaking at an IDC conference on computer security in London.
The problem is that while many small and medium-sized businesses (SMBs) recognise the need to employ various security tools, they are finding it increasingly difficult to administer all the different point products they need.
Vendors are responding by rolling more functions into single products, said Christiansen – and using open source applications where they have proved to be robust and reliable.
In addition, an increasing number of companies are releasing hardware appliances based on open source software, which Christiansen believes will further cut costs. Such devices typically feature Snort, a highly-rated open source intrusion detection software package, and firewalls such as IPChains or T.Rex.
Christiansen also said that organisations and users have finally woken up to the fact that any Internet-networked server needs to be secured. The erroneous belief held by some organisations that “no one would bother to attack their small and insignificant company” is often undermined by the fact that many hackers break into systems either to store illicit material or to steal resources, said Christiansen.
He cites the case of a university project worker who used his government grant to buy the biggest, fastest server available on which to do his work. “He was saying, ‘even when I’m not doing any work, the hard drive is still whirring away and the light keeps flashing. What’s happening?’”
Upon further investigation he found out that the web server had been cracked and, in the absence of any firewall or intrusion detection device, someone was running a highly profitable, subscription-only pornographic web site on his machine – for nothing, because the project worker was paying for all his resources.