On 9/27/05, Tripp Sims <[EMAIL PROTECTED]> wrote: > Stephen J. Smoogen wrote: > > >From my day job. When looking at purchasing various products, we go
> > So you have experienced first hand, where 'open source' (free as in > speech) products have gotten the cold shoulder due to OMB in U.S. > Federal Government? I bring this up not as a slam against anyone having > what seem to be rash reactions to what appears to be a generally Where I have seen it become a problem where someone inside had to either champion (very hard) or get a company to champion it (much easier) has been where something has become a checkmark in some auditor. It is not OMB, but some manager who gets a piece of paper saying "All computers must meet NIST XYZ requirement." He then puts out a policy saying that all who are not compliant will have to be removed by Oct 1st or not get funding. Then it becomes a hunt the wabbit chase for system administrators to find out that they are compliant, remove those that are not compliant, or spend a lot of paperwork coming up with an adequete reason why their Open Source is not currently compliant and when it will be. The easiest way I have found is that you find a company that makes it compliant for you. An off the top of my head, silly examplet would be something like "Clam Hat" that uses Clamav in its software, but adds the extra value of putting the database in CME form or putting the usual "We can sue Clam Hat if we have problems with Clamav" > > -- Stephen J Smoogen. CSIRT/Linux System Administrator _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
