What the Big Vendors Did Last Month and What It Means to You

By Geoffrey James

IBM announced that Red Hat Enterprise Linux is in Common Criteria evaluation on a broad range of IBM eServer systems. This evaluation means the Red Hat Enterprise Linux will meet government security standards for assured information sharing within and across government agencies. With IBM’s sponsorship, Red Hat Enterprise Linux v.5 officially entered the National Information Assurance Partnership (NIAP) approved Common Criteria Evaluation & Validation Scheme (CCEVS) this month to bring a new level of security and assurance to Linux.
Our take: Seeking government certification for one of the most common versions of Linux should help IBM position Linux in organizations that might otherwise be worried about security problems associated with open source. If you’re selling a product on Linux, keep your customers informed of the progress of the certification. If you’re selling against Linux-based products, minimize the certification if it comes up by pointing out there are a dozen operating environments that already have been certified.

Oracle, on September 12, announced an agreement to buy Siebel Systems. With the acquisition Oracle gains 4,000 new corporate customers, although many run Oracle elsewhere, and 3.4 million new CRM users.
Our take: As Oracle’s corporate energy shifts to the Siebel platform, the executives and technical experts assigned to Oracle CRM and the remnants of PeopleSoft CRM will attempt to force themselves into positions of power in whatever CRM development organization emerges from the chaos. If you’re selling CRM against Oracle and the erstwhile PeopleSoft and Seibel, this is the time to introduce some major fear, uncertainty and doubt to those accounts.

Microsoft CEO Steve Ballmer outlined the company’s security strategy, including plans to release Microsoft Client Protection to help protect business desktops, laptops and file servers; the creation of SecureIT Alliance to help security partners integrate with the Microsoft platform; and Microsoft Antigen, an antivirus and antispam security software for messaging and collaboration servers.
Our take: The challenge Microsoft faces in the security arena is that the basic architecture of Windows XP assumes a high level of intimacy between the PC and the network, with applications functionality folded into the operating system – a recipe for open doors through which security violations can creep. If you’re selling a Microsoft-based solution, fold these new Microsoft features into your list of reasons why your solution is secure. If you’re selling against a Microsoft-based solution, point out that Microsoft’s security strategy is a collection of point products and lacks an architectural approach.

SAP announced an alliance with Avaya, Dell, HP, Network Appliance, Novell, Research In Motion and others to license SAP’s enterprise services architecture. The newly formed Enterprise Services Community Process will attempt to incorporate many of the successful attributes of open community processes for software development. The presence of governing rules, expert groups and traditional procedures is intended to create a community-based forum that will bring to market new business solutions.
Our take: These grand alliances usually don’t pan out. The attempt to imitate open source software development methods generally is doomed when the community consists of corporations rather than individuals because it usually is unclear what the participating companies are supposed to get out of the arrangement. In most cases, when gigantic firms such as Dell and HP are alliance members it’s more of a courtesy and PR opportunity than a real commitment to participate in a development effort.