Open Source or a commercial offering?
Bart Silverstrim
bsilver at chrononomicon.com
Thu Aug 16 13:40:40 UTC 2007
Anthony M Simonelli wrote:
> I've been working on an Internet Gateway/Proxy/Email filter box for work
> using Postfix, AmavisD-New, Spamassassin, ClamAV, Squid, Dansguardian,
> etc. I've put in many hours trying to get it to work the way I want,
> (granted I have spent a lot of those hours learning and documenting
> along the way) and I'm happy with the results, but I am beginning to
> wonder, am I really benefiting my company? Am I saving them money with
> a more superior product? Let's say that after benefits and everything,
> someone in IT is paid $25 an hour and spends 20 total hours getting a
> Linux server setup for the functionality above. That's $500 worth of
> work. Now compared to a commercial offering such as the SonicWall TZ
> 180 TotalSecure 10 priced at $480 that does all of the above, what is
> the benefit of running a free, open source solution? Don't get me
> wrong, I am a huge fan and promoter of open source, but from a purely
> business perspective, am I doing the right thing? Your thoughts and
> opinions please...
Is this all you do? Just set that up? Or are you their department?
My opinion is that "free" implementations of solutions are indeed
expensive in that they take up someone's time. You have to learn what
you're doing or know it already. In that regard, you're actually
profiting from the company...you're getting an education on their time.
BONUS! Ka-Chow!
So...initial outlay: proprietary solutions tend to be pricey in terms of
cash, cheap on the purchaser in terms of hassle and time. Open source:
opposite. Winner: If you can get time and want the education, open
source. If you want minimal hassle and someone to blame when things go
wonky (which of course is the privilege you pay for), go commercial.
Second, once implemented, if done "right", open source solutions tend to
be largely self-maintaining with the exception of possibly doing updates
by hand and/or tuning of rules and filters. I've had very very few
problems with the OS just tweaking out on me. Windows, I've been bitten
several times by the OS just deciding to go south at inopportune moments
for no apparent reasons. Your mileage may vary though. We've had some
Windows servers that have been workhorses and won't die. Others, flaky
as a croissant. Given the choice I avoid the Windows solution. And no,
it's not for zealot reasons.
So, for long term cost: many, if not all, spam solutions and virus
solutions have a subscription model. You're going to budget for it.
That's what you pay for...they do the work of keeping you "up to date"
and you just need to make sure the appliance/solution retrieves updates
periodically. Sound good for your situation? Go commercial. Open
source takes some more work. You have to sometimes do manual updates or
script updates, check they are still working periodically, and have to
tune it. So it's again an investment in time.
What it comes down to is your situation. If your organization is
worried about being hit with financial cost worries, I'd say open source
is fantastic if they have a tech person or department that wants to
invest in personal learning and growth and competence. The cost is
encapsulated into investing in the person or people and they become,
hopefully, more competent and savvy from using and configuring the
solution, and they definitely become more educated in keeping up with
the "bad guys".
If your organization doesn't mind throwing money into a solution in
return for piece of mind that comes from having someone to blame and
they don't want to invest in in-house expertise, go commercial. It's
"cheaper" in terms of tangible labor and but more expensive in terms of
hard cash. This is great for businesses that don't have IT people
and/or prefer outsourcing everything they don't have or want in-house
expertise in.
In the long run I think it's cheaper to do the open source route since
you'd have people get up to speed and dedicated to maintaining the
solution. It's investing in your people and your IT department if your
business has one.
-Bart
More information about the ubuntu-users
mailing list