| Astaro integrated security solution fueled by open source Linux |
(Jul. 29, 2003)
Fueled by lean IT budgets that demand results and a successful round of VC funding, Astaro is experiencing demand from small and large businesses that want an integrated solution for security with no vendor lock-in. DesktopLinux.com recently caught up with Astaro CEO Jan Hichert to discover that the company is not only developing Linux-only solutions, but has embraced open source practices, philosophy, and is even considering offering an OS-development fund. Hichert discusses his company's affordable Linux security products and the emerging role of Linux in the enterprise both in the US and abroad.
What is the brief history of Astaro? How does open source play a role in your organization?
Astaro’s founders worked for a German ISP. They found open source software could provide excellent quality, low cost and highly effective solutions to their customer’s security needs. However customers required on-going updates to the software, along with assistance in configuring and integrating the software. On-going demand for these capabilities led to the formation of Astaro. (pictured right, Astaro founders: Jan Hichert, Markus Hennig, and Gert Hansen)
Astaro provides a comprehensive security solution that integrates best-of-breed open source and proprietary software with an easy-to-use graphical interface and a transparent Internet-based software update service. We believe that the use of open source software provides not only faster development, but also higher quality, more secure and more affordable solutions.
How did you support the open source projects you have announced support for recently?
Astaro has provided funding and manpower for:
These projects provide critical capabilities required in an open source security solution. Furthermore the project teams consist of experts that share our commitment to the success of open source. We’re pleased to have been able to provide support for these valuable initiatives.
Vulnerabilities under Linux have been reported to proliferate in a situation where a user had root access. Is this accurate? How does Astaro eliminate the threat at the network level?
If an user were able to switch to "root" access, then security would be greatly compromised; that's why we restrict the root-capability feature from the kernel to limit the root permissions and separate important applications into "chroots."
Of course ASL is designed to default to a deny-access state: everything is per default disabled and only necessary programs, libs and files are included.
Desktop Linux is finding its way into the office through
many pilot programs and largely through the server room. What is Astaro's strategy?
As you indicated, Linux is becoming a factor in most organizations because of its rich capabilities and low cost. Acceptance and success in the server environment has created an environment where organizations are quite willing to entertain its use in other appropriate applications.
Traditionally, the complexity of configuring and managing Linux and open source software limited its use in enterprise security applications. Astaro Security Linux was specifically designed to eliminate those issues. Our integration middleware combined with a graphical point-and-click user interface (called WebAdmin) and an Internet-based software update service (Up2Date) makes configuring, managing and updating the software very easy. So our strategy remains: integrate best-of-breed security software with an easy to use graphical interface, and make the resulting solution available at affordable prices. We’re seeing great traction with this strategy!
What market, and what sorts of users, represent Astaro's market focus? Are you finding the SOHO users to be the most receptive at this time?
Small and medium sized enterprises (SME) have been Astaro’s traditional market, but with the introduction of new features over the last year, such as centralized management of multiple firewalls with our Global Configuration Manager (GCM), Astaro Security Linux is being embraced by large enterprises too.
We do have many SOHO users, who are attracted by the fact that they can get a comprehensive, easy-to-use security solution with a single CD installation. We support this community with a free home use license, and very active user bulletin board. We’re pleased to see the SOHO user base growing.
Is cost a primary factor in the IT decision to use Astaro and/or open source?
The fact that Astaro Security Linux is affordable is one reason, but certainly not the primary reason customers select the product.
Today, to create an effective security solution users need to assemble multiple products from different vendors (firewall, virus scanner, URL filter, spam filter, etc.), install, integrate and manage them. This is costly, complex and creates the opportunity for numerous security gaps.
The fact that Astaro Security Linux is a single comprehensive solution that is secure and easy-to-use is far more important.
What is the single greatest reason an enterprise should switch to open source based solutions now?
There are many good reasons, but let me try to narrow it down to two, if I may. Security and stability.
In May 2003, Astaro received US $6.2 million in VC financing in a difficult economic climate. Can you tell us a little about the interest the investment community has shown in Linux. Did offering a Linux-based solution seem to help attract interest?
Certainly the venture community is tuned into the fact that Linux is a growing wave. They are aware of the fact that IBM, Intel and other important players are supporting Linux, and are interested in plays that take advantage of this momentum.
Open source was actually more of a challenge. There were many questions about open source and how it works. But we were able to explain that, show a balanced business model, and a track record of running for two years at breakeven years despite start-up costs and heavy investment in growth. So in the end, it wasn’t that hard to attract investment.
Are you working with any "big name" OEMs? How about any of the major Desktop Linux distributors?
Astaro has been fortunate to have a unique, highly differentiated solution with high end-user demand. As a result Astaro Security Linux is attracting attention from many of the large OEM’s. We recently announced an arrangement with Toshiba where Astaro Security Linux is bundled with the Magnia SG20 appliance. You can expect additional announcements in the future.
Countries, including Germany (where Astaro is co-headquartered along with a facility in Massachusetts) have benefited from government initiatives, legislation, and programs that have been supportive of open source Linux. Can you compare the adoption of Linux in the enterprise of both countries and what Astaro is experiencing in both regions?
It is certainly true that the German government supports Linux, but that doesn’t impact our daily business transactions.
However German/European support has raised awareness regarding some of the fundamental business issues and values surrounding Linux and open source. As a result we don’t have to answer some of the questions we get in the U.S., like, “Is Linux secure?” or “Do you guarantee Linux…?”
The evolution of Linux in the enterprise is happening very quickly. What is the demand for Linux today? How has that demand changed over the past 6 months? What do you see happening over the next 6 months?
I see a new 2.6 kernel with a lot of high level enterprise features, which are not available in “conventional UNIX’s”.
KDE and GNOME are strong for doing the "Linux on the desktop"job.
What's still missing is the "ease-of-use", but all the distributors, including Astaro are working on this. So I am confident of the future of Linux.
Can you share any feedback from IT managers/CIOs on any evaluation sites or programs that Astaro is currently involved in? What do they like best about your product? What do they seem to be struggling with?
User feedback has been remarkably consistent. Customers are extremely pleased with Astaro Security Linux because:- It’s a comprehensive integrated security solution.
- It’s easy to use, with a simple point-and-click graphical interface.
- All software updates including kernel, firewall, virus signature, engine and web categorization functionality are delivered transparently via the Internet.
If you visit our User Bulletin Board, or take a look at the customer feedback on our web site, you’ll get a sense of the positive impact these capabilities have on customers.
The area we get the most pressure from customers is to do more. Although we’ve got the most comprehensive solution on the market, they want our solution to protect against all possible threats. Since threats and technology are constantly evolving, this will remain an on-going challenge, but one we enjoy.
"Rolling your own VPN" sounds difficult and costly. What kind of training, knowledge or support is required?
There are lots of people successfully implementing VPN’s today, so it can’t be too bad! But training is clearly important and will minimize the learning curve.
We offer a 2 day training for Astaro Security Linux. The first day covers ASL, the second day covers implementing VPN’s with ASL. Our configuration interface "WebAdmin" enables every SysAdmin to establish a VPN connection without any hassle because of the simplicity, the online help and the intuitive design.
How will you determine what technologies and applications will make their way into future versions of the product? Do you have plans for any other community-support programs?
Astaro is fortunate to have a very active user community, which we interact with constantly on a number of levels to determine where their pain points are, and what requirements they have. We do anticipate continuing to support the open source community, possibly through an OS-development fund.
Can you share some details on the typical deployment you are currently seeing? Size? Is the enterprise seeking to move from UNIX or Microsoft? Looking to maintain some Linux, some MS?
Traditionally we’ve seen a lot of traction with small and mid-sized businesses seeking a complete security solution encompassing not only firewall/VPN functionality, but also virus protection, web filtering, spam blocking, caching and QoS. Today, we’re seeing larger enterprises seeking the same functionality. Not only are personnel and budget cutbacks driving this, but also the fact that an integrated solution is inherently more secure than the traditional component-based approach.
Customers are primarily focused on putting in place a good security solution. For the most part they will select whatever approach provides that. Right now customers have come to trust in the security of Linux.
Resources and info on Astaro products:
Astaro Security Linux is free for home use. You can it download for free or order a CD for shipping costs.
A user community is here.
For commercial users, a free 30 day evaluation version Astaro Security Linux is available. A free on-line Evaluation Workshop takes students through the whole process of configuring and implementing a typical network. This greatly accelerates evaluation of the technology.
Test the product using online using your favorite browser.
(Click here for further information)
|
|
|
|
|
|
|
|
