Site Map

Flanagan Consulting

Archive    20 May 2008     #68

Can Licensing Threaten Availability?
And Check My Vulnerabilities While You're At It.

By William Flanagan, Publisher

There is a broad license situation that came to mind recently because we heard another firm talk about outsourcing core IT function to "software as a service" or "Web 2 applications" on a vendor's server.  The question is, do you have any options to bring those functions in-house if you don't like or can't accept future license terms?  How long would a move take and what impact would it have on your business?

You might think you needn't worry about licenses in your own data center, but what if a software vendor decided you weren't properly licensed?  Could you have your plug pulled?  What might it cost to buy the required license?

OK, it's unlikely a software purchase wouldn't be licensed adequately, at least to start.  But after a merger or expansion of the business, who knows?  Another, possibly hidden threat arises from re-use of code by a vendor, where that re-used code is licensed differently from the vendor's own software.  Many commercial software products contain components drawn from open source code.  If you read the fine print in license agreements--even from vendors who champion proprietary software--you might be surprised to note acknowledgments to open sources.  Open source code is licensed in many different ways, and often includes obligations on the end users as well as the "re-users" or vendors that include open source code in their products.

If you are concerned, there's a way to check you license obligations to authors of open source code.  Palamida (http://www.palamida.com/) has built up a data base (reportedly about 5 terabytes) over the past five years.  The db matches each version of an application or library to its license terms.  The company devised an engine that searches for open source components in your code, then details the license form that applies (GNU Public License, for example).


While identifying the open source components, the Palamida analysis engine also checks the version of each identifiable part of open source against the National Vulnerabilities Database (sponsored by DHS and NIST).  The report indicates known vulnerabilities and available updates or patches.  Even if you don't fix it yourself, you might want to call the attention of your software vendor to the need for an upgrade.

For the record, Flanagan Consulting uses open source applications.  We update them regularly.


Flanagan Consulting Experts Support Litigation Professionals

Several associates are experienced in analysis of patents, trademarks,
contracts, and other intellectual property related to IT and communications.
We have assisted attorneys preparing claims, depositions, and testimony.
How can we help you?   Queries to +1.703.242.8381.


New Books

FC Associate Ray Horak recently authored two books on networking. William Flanagan was the technical editor for both. They offer extensive coverage, and are as accurate as two old pros can make them.

The new titles are:

Telecommunications and Data Communications Handbook, 791 pages.
Webster's New World Telecom Dictionary, 568 pages.

Wiley is the publisher. Available in bookstores and on the web from multiple merchants--do a web search for "Ray Horak" or start with Ray's profile page at http://www.amazon.com/gp/pdp/profile/AL7TPWAFURLDA.

How Can Flanagan Consulting Help You?

      We understand not only the technology of networks, but also
  the surrounding business processes:  procurement, bid
  preparation/analysis, statements of work, financial analysis,
  consensus building around a solution, and more.
      Find out now:  call +1.703.242.8381

Subscriptions to ViewsLetter

    Mailman, the Linux application, keeps the mailing list.
    It is set up as a "read only" list.  Subscribers can't post,
    but the Publisher welcomes mail.  Because of the number of
    'out of office' autoreplies, replies to this message are
    discarded.  You can unsubscribe or subscribe at:
    You will need a password to unsubscribe, but Mailman
    will send you one on demand.  If you have a problem with the
    list, or a comment, send an email to Publisher@ViewsLetter.com.

Special thanks for supporting ViewsLetter to www.webtorials.com,
your best source for communications tutorials and white papers.

"Flanagan Consulting" and "ViewsLetter" are Service Marks of W. A. Flanagan, Inc.

Flanagan Consulting
W. A. Flanagan, Inc.
45472 Holiday Drive, #3
Sterling, VA 20166
Ph:  +1.703.242.8381
Fx:  +1.703.242.8391
In Converged Networking,
We have the Experience