Novell urged to build open source around AppArmor Linux


Industry experts have predicted that Novell's recent decision to open up the source code of its AppArmor Linux security offering will only have a "meaningful result" if the firm succeeds in developing a true open-source community around the technology.

On Jan. 10 2005, Novell announced the creation of the AppArmor project, an open-source project designed to develop Linux application security using Novell's AppArmor technology. AppArmor technology has previously been available with SUSE Linux 10.0 and Novell's SUSE Linux Enterprise Server 9 Service Pack 3.

However, Gartner warned that the move does not guarantee that the AppArmor project will be successful.

"Successful open-source security projects, such as Nessus and Snort, have been promoted by dedicated adherents who cultivated a community and were independent of any specific Linux distribution. Novell will need to do the same, or AppArmor's entry into the open-source sphere will not have any meaningful result," Gartner Neil MacDonald, Gartner vice president and distinguished analyst, said.

According to Gartner, Novell's decision to place AppArmor in the open source sphere is a "good move" that helps to solve a serious weakness in the firm's existing offerings for the Linux application security market. The move, according to the analyst firm, could help to overcome the limitation centering on the fact that the foundation technology for the AppArmor project - Immunix AppArmor, which Novell acquired in May 2005 - has provided Novell with only one style of host-based intrusion prevention system (HIPS).

"To deliver comprehensive Linux endpoint protection, AppArmor must be combined with other endpoint security technologies that Novell lacks. Gaining these technologies would have required other acquisitions or partnerships - which would have been a distraction from Novell's renewed focus on its core operating-system, identity and services businesses," said MacDonald. "By making AppArmor an open-source project, Novell is removing a business distraction, creating Linux community goodwill and offering a much less complex alternative to Security-Enhanced Linux (SELinux) for more tightly securing Linux server and application configurations."

Gartner believes that a AppArmor offering for other Linux distributions is likely to become available by the second half of 2007.

Enterprises considering AppArmor technology are advised by Gartner to demand detailed information about the specific resources Novell is prepared to commit to ensure the success of the AppArmor project. For existing SUSE users the analyst firm suggests considering AppArmor a "viable and easier-to-implement alternative to SELinux for security-critical servers".

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.