Floyd’s Law: Open Source vs. Proprietary Software

As the pace of innovation continues to accelerate, it is increasingly impossible for legacy software vendors to maintain pace.  Professional services organizations are pushed to the brink as they attempt to fill product gaps only to find that they are further and further behind the innovation curve.  Customer frustration is increasing as these projects never end, product innovation never comes, and maintenance costs continue to increase.

Open Source, free of the legacy baggage and bureaucracy of their traditional competitors, is the only model that can keep pace with the accelerating rate of change in the industry.  In fact, Open Source is the disruptive force that continues to break-down legacy paradigms and offer new and disruptive solutions.  As commercialization of Open Source is inevitable, the key is remaining true to the principals of open source while providing customers the innovation and value they desperately desire.


Cloud Wars: Rackspace Seizes OpenStack, Is Dell Next?

In perhaps their boldest acquisition to date, Rackspace has purchased Anso Labs and are now firmly in control of OpenStack.  Anso Labs is the brains behind Nova, a key component of OpenStack that was originally built for NASA’s Nebula private cloud platform; NASA eventually contributed Nova to the OpenStack project.  Rackspace now controls 3 out of the 4 board seats for OpenStack, virtually owns 2 key software pieces the OpenStack code, and has cornered the market on OpenStack brainpower.

It’s no secret that OpenStack is a blazing hot open source project, but what is Rackspace’s true motive for this acquisition?  Some have speculated that Rackspace could move OpenStack toward an “open core” strategy, opening the door for a paid commercial version of the software.  However, that would be contrary to Rackspace’s DNA and is highly unlikely yet not out of the question.

What’s more likely, is Rackspace’s growing reliance on OpenStack represented too high of a risk for a company that has its eyes set on dominating Cloud computing.  I have always contended that Open Source is a development strategy not a business model.  Therefore, Rackspace’s business model was at risk because their open source development strategy hinged on the talents of Anso Labs.

Additionally, Anso Labs brings Rackspace new Cloud services capabilities in the areas of consulting, training, support, integration, and customization of both OpenStack and Nova. Imagine Rackspace offering their customers the ability to build their own private clouds while augmenting them with their public and/or hybrid cloud offerings.  In essence, OpenStack to Rackspace becomes Eucalyptus to Amazon.

Where there is brilliance in this acquisition there are also risks.  Will the team at Anso Labs accept their new owner’s vision and/or plans? What happens to OpenStack’s growing community of participants and contributors?  Will the bright lights of the free spirits of Anso Labs be extinguished by the weight of a public company?

Finally, an unintended consequence of seizing control of OpenStack may be making Rackspace a M&A target themselves.  While Lanham Napier, Rackspace’s CEO said, “We have not built our company to sell it” the market may think otherwise.  If JMP Securities analyst Patrick Walravens’ observation that investor’s main issue with Rackspace is “the capital-intensive nature of their business…capex guidance is up 41% from a year ago…” then an acquisition by an infrastructure provider may make perfect sense.  Is Dell Next?

Matasano’s Flint: Open Source Interesting but Viable?

Matasano Security, a security consulting and research firm, has released Flint, an open source tool that evaluates rules found on Cisco firewalls for outdated, redundant, or exposure to other security threats.  Flint is based on Ruby on Rails, is available as a VMware virtual appliance, and source code is available.  Per Dark Reading’s Kelly Jackson Higgins, Tom Ptacek, Principal with Matasano, said, “It’s easy to extend, and we’re hoping to get a lot of feedback from the network security community.”

In case you’ve missed it, security change and configuration management is a hot market that has traditionally focused on firewalls; Pioneers/leaders in this market include AlgoSec, Tufin, SecurePassage, and Skybox Security.  However, companies like Tufin are moving beyond the firewall to include classic network devices such as routers, switches, load balancing, and more.  Matasano’s Flint is a hybrid of sorts as their first release only supports Cisco firewalls, yet the software (caveat as I have not yet seen the open source licensing on Flint) may be extended by the community to include different functionality and device types.

Like any development model, open source has produced some winners and some forgettable products.   My question is; will a security developer community evolve around Flint or will it simply become a user community?  Empirical evidence gathered by my involvement with ZipTie, an open source framework for Network Inventory and Configuration Management, suggests the latter may be true.

Sure, there are some major differences between ZipTie and Flint.  While ZipTie is built on Java, Flint is built on Ruby.  While ZipTie is backed by AlterPoint (a commercial network change and configuration vendor), Flint is backed by Matasano Security a security consulting and research firm.  However, one undeniable similarity lies within the belief that a development community exists and will emerge to enhance, extend, or white label the solution.  ZipTie learned that while their community is vibrant, growing, and full of incredible ideas, the development community it coveted never materialized putting the burden squarely on ZipTie itself.  Faced with this reality, ZipTie morphed into AlterPoint NetworkAuthority Inventory where it continues to be available today.

Security and firewall administration is a complex and high-profile responsibility within any IT organization.  While these men and women are talented in many aspects of security, they also are specialized via security manufacturers and product types.  For example; CheckPoint Firewalls (Appliance/Blade), Juniper NetScreen, Fortinet FortiGate, Linux Firewalls, TippingPoint IPS, Snort, and more.  However, are they Ruby developers?

Development communities, in any form, are powerful additions to a company’s portfolio.  However, they are easier to find within the application world of operating systems, virtualization hypervisors, databases, and more.  For the worlds of networking and security, why not create a specialized development community that is focused on areas of the product where their involvement makes sense? Examples of such communities include; AlterPoint’s Forge and Tufin’s Open Development Platform Alliance.

While Matasano Security’s Flint is open source interesting, is it a viable alternative to its commercial competitors?  Albeit Flint receives a good geek score, I’ll leave the security and reputation of my company to the commercial vendors.  In any case, here’s to Matasano’s team as they’ve certainly drawn attention to their security consulting and research business.

Oracle’s To Do List

In the high stakes of M&A chicken, Oracle has stolen Sun from IBM and has changed the IT landscape forever. While this makes for great headlines, the hard work has yet to be started.

To do list (not complete):

* Pump life into Sun’s workforce
* Reassure Sun’s customers
* Calm Sun’s channel
* Dismantle Sun’s executive management team
* Triage Sun’s product portfolio
* Integrate, Integrate, Integrate
* Market, Market, Market
* Embrace the Open Source Community
* Provide a vision for Java, GlassFish, OpenOffice, VirtualBox, etc.
* Disrupt Cisco, HP, and IBM
* Attack the storage and storage back-up markets
* Attack Netezza and Teradata
* Promote Oracle 3.0: The Application Centric Datacenter
* Use Oracle’s Market Power to change the IT Paradigm

If Larry really wants to challenge Cisco, HP and IBM, he needs two more pieces; a top-of-the-rack switch and a next generation datacenter switch. Look no further than Arista Networks and Woven Systems.

Finally, would Oracle dare to disrupt the industry with an innovative pricing model? Would they take a loss on equipment for lucrative software and maintenance revenue? Or, do they show the world how Open Source Software can make money without inhibiting the community? Oracle in a box or a cloud?

Success or failure will be determined by Larry’s team and his will. Do this right and this industry will never be the same. Do this wrong, and the critics, IBM, HP, and Cisco will smile from sea to shinning sea. It’s hard to bet against Oracle and Larry Ellison and I’m not betting against this Iron Man of Tech.

%d bloggers like this: