Open source: expensive trend?

IT likes to believe that it is a logical industry where all decisions - or at least the majority of them - are based on fact rather than fashion, writes Bloor Research analyst Tony Lock. Alas, this is not always so and being "in vogue" is often a subliminal driver behind certain of the technology waves that regularly sweep through the industry. The surge of open source solutions has, on occasion, exploited this unconscious desire to conform to the desire to be trendy. However, just as in the more traditional software sector, not everything in the world of open source is perfect.

Just take a look at the BIND (Berkeley Internet Name Domain) Domain Name System, perhaps the most commonly-deployed DNS in use today on Unix and Linux systems. Last November, John McCormick of TechRepublic published information based on SANS and the FBI data that identified, yet again, BIND as the most dangerous Linux/UNIX flaw. The reason why this should be so is very simple, most Linux/UNIX versions ship with BIND with the result that there are a huge number of machines running quite happily in the world using old, badly configured versions of BIND.

Whilst the Internet Software Consortium (ISC) supplies patches and updates whenever a problem is reported, BIND is not the easiest beast to administer. More than one IT manager has been heard to say that looking after BIND is "hell". Indeed whilst BIND and other open source tools commonly utilised in the IP management space, such as address caching software, DHCP software, may be "free" to acquire, they are by no means cost free to own. Looking after these systems can involve the use of highly-skilled, expensive IT staff. As these systems are of vital import to organisations, they must be maintained on a daily basis and this costs time and money. Their very complexity and lack of simple management capabilities adds a large degree of risk to the equation.

Read Full Story