Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How Can I Justify Using Red Hat When CentOS Exists?

samzenpus posted more than 2 years ago | from the a-litte-help-please dept.

Businesses 666

Bocaj writes "I recently spec'd out a large project for our company that included software from Red Hat. It came back from the CIO with everything approved except I have to use CentOS. Why? Because 'it's free Red Hat.' Personally I really like the CentOS project because it puts enterprise class software in the hands of people who might not otherwise afford it. We are not those people. We have money. In fact, I questioned the decision by asking why the CIO was willing to spend money on another very similar project and not this one. The answer was 'because there is no free alternative.' I know this has come up before and I don't want to beat a dead horse, but this is still a very persistent issue. Our CIO is convinced that technical support for any product is worthless. He's willing to spend money on 'one-time' software purchases, but nothing that is an annual subscription. There is data to support that the Red Hat subscription is cheaper that many other up-front paid software products but not CentOS. The only thing it lacks is support, which the CIO doesn't want. Help?"

Sorry! There are no comments related to the filter you selected.

Support them from your own money (4, Insightful)

SharkLaser (2495316) | more than 2 years ago | (#37888068)

The only thing it lacks is support, which the CIO doesn't want. Help?

Then you get CentOS and stop trying to spend other people's money on things they don't want to. If you care about Red Hat getting their support, then donate to them yourself, from your own money. Red Hat sells support service, and that is their product. Otherwise, it's just a compilation of others software, just like CentOS is. It's obvious your company doesn't need the support service so CentOS suits you just fine. Pushing an agenda down others throath doesn't help open source's image either. It should come from their own willingness to help or by providing so fantastic service that people actually want it.

Re:Support them from your own money (4, Insightful)

genghisjahn (1344927) | more than 2 years ago | (#37888102)

I think what he's saying is that he thinks they will need the support, and since they can afford it, why not get it?

Re:Support them from your own money (2)

Nazlfrag (1035012) | more than 2 years ago | (#37888320)

Why get it when CentOS fits the bill perfectly? Apart from the GP's rationale, it's also helping to build the profile and perception of CentOS if a major CIO advocates it. Congratulations are in order to the CentOS team for their great work, the fact it was even considered let alone requested is a testament to their excellence. Bravo.

Re:Support them from your own money (5, Insightful)

mabhatter654 (561290) | more than 2 years ago | (#37888274)

The question is not how much support costs. The question is how much is DOWNTIME going to cost the company?

When you hit a problem your team can't solve what dollar value is that? Granted, for anything using a LAMP stack it is probably just as efficient to spin up a new server and start over versus a lot of money for support that isn't going to figure out all your custom stuff anyway.

I swear by IBM System i with IBM support. It's outrageously expensive, but they will call support engineers after hours when you have a problem level 2 can't handle. Microsoft's comparible offerings require a thousand seats.. IBM will sell you support for just one server.

In my case we have three steel mills worth $10k+ per hour of downtime... Even more if downtime causes rework. If we have more than an hour down I have vice presidents in my bosses office!

I suppose it's up to poster's boss, those C.I.O. Letters make it his decision... and his ass will be on the line when you have to explain why he didn't line up something to cover for things the minions can't handle.

You're wrong. (1)

Frosty Piss (770223) | more than 2 years ago | (#37888344)

Otherwise, it's just a compilation of others software, just like CentOS is.

No, that's not so. Red Hat does much more than simply repackage other people's software.

Have a look at Fedora [] .

Learn to use English (-1)

Anonymous Coward | more than 2 years ago | (#37888082)

Your post has basic errors. Why would a CIO listen in a whingeing illiterate dweeb?

Re:Learn to use English (0)

thaylin (555395) | more than 2 years ago | (#37888254)

It is ironic that you tell him to use English, yet your grasp of the language seems much weaker then his.

Re:Learn to use English (1)

Jeremiah Cornelius (137) | more than 2 years ago | (#37888410)


Update & security responsiveness (5, Insightful)

dodocaptain (1177567) | more than 2 years ago | (#37888084)

By and large the CentOS team do an excellent job with the distribution - but it's a volunteer effort and there have been some notable times lately when important or security updates which have been shipped by Red Hat run late with CentOS, sometimes by a considerable amount of time.

If the CIO wants CentOS over Red Hat, he also needs to be prepared to accept the risk of delayed updates, no guarantees to updates or bug fixes and that one annoying time a particular server suffers an obscure bug, there won't be a vendor to go back to for obtaining a resolution.

Public or internal systems? (1)

perpenso (1613749) | more than 2 years ago | (#37888226)

I think we need to know if the centos systems will be accessible by the public or if they are strictly for internal use. If for internal use I think rhel support would be less of an issue.

Re:Public or internal systems? (1)

cream wobbly (1102689) | more than 2 years ago | (#37888282)

Absolutely. If the product is to be used to support a customer's venture, then it absolutely, unquestionably, needs the support of a major vendor. Otherwise, use the free stuff, dammit. You get built-in EPEL and RPMforge support with your Spacewalk server, too.

Re:Public or internal systems? (1)

cream wobbly (1102689) | more than 2 years ago | (#37888288)

Forgot: also config management, alerts, etc. without additonal liceses from RHN.

Re:Update & security responsiveness (1, Informative)

telekon (185072) | more than 2 years ago | (#37888264)

The only updates Red Hat is ever prompt with are security updates. Until recently, I was forced to use RHEL for a number of servers (yes, it could have been much worse, Windows, etc.) but I spent a good deal of time rebuilding RPMs from Fedora just to get current libraries. And I'm not talking weird drivers for esoteric hardware, I'm referring to core language support for Perl, Ruby, Python, etc.

One option you could look at is using Ubuntu. The product is free but Canonical offers paid support for the LTS releases. So you could deploy on it now, and if attitudes change, you can add support later. I've never purchased support for an existing install, there may be a consultancy fee for them to make sure you're not trying to buy support after the fact for a system that's already borked... but it's an option worth exploring.

Re:Update & security responsiveness (4, Insightful)

gazbo (517111) | more than 2 years ago | (#37888374)

I think maybe you're missing the point? If they offered continuous upgrades for non security reasons, they could hardly claim to offer a stable platform. If you want up-to-date packages, why not just use Fedora in the first place rather than backporting packages?

Re:Update & security responsiveness (0)

Anonymous Coward | more than 2 years ago | (#37888426)


"The Fedora Project releases a new version of Fedora approximately every 6 months and provides updated packages (maintenance) to these releases for approximately 13 months."

Because (1)

xbeefsupreme (1690182) | more than 2 years ago | (#37888090)

Red Hat is a cooler name, duh.

Still not Windows (4, Insightful)

Anonymous Coward | more than 2 years ago | (#37888094)

You are lucky your CIO is not wedded to Windows. Stop complaining.

Re:Still not Windows (-1)

Anonymous Coward | more than 2 years ago | (#37888230)

Yeah, I know it burns my ass to have a product supported by the vendor as opposed to a bunch of hacks who might have the answer...
Even without a subscription to MS services, their support kicks the shit out of any Linux support.

CIO may be reasonably well informed (3, Interesting)

perpenso (1613749) | more than 2 years ago | (#37888298)

You are lucky your CIO is not wedded to Windows. Stop complaining.

Not only that the CIO seems to know that Linux has various distributions serving different needs and knows of CentOS' relationship to RHEL. Not being a Windows only guy is great, but knowing that Linux is not a singular unix-like operating system is even better. There is actually no real evidence that the CIO is making an ill informed decision. He may be of the opinion that it is, or should be, within the IT department's capabilities to support these systems. More so if the systems are for internal use, less so if they are accessible by the public.

As with other paid software (0)

Anonymous Coward | more than 2 years ago | (#37888096)

Cover your ass policy.

Enterprise support (1)

Anonymous Coward | more than 2 years ago | (#37888104)

CentOS wouldn't be around without RedHat. When you buy RedHat, you aren't really buying the software since it's free anyway. If he doesn't trust the technical support RedHat offers, that's what you'll need to research well and present to him for a decision.

Linux is free if your time is worthless. (2, Insightful)

Anonymous Coward | more than 2 years ago | (#37888108)

If your CIO believes his bench is strong enough to support CentOS without formal support (or using CentOS consultants instead of prepaying for RHEL), then he's making the right call.

Incidentally, I have very rarely gotten paid support for any software product that was anywhere near worth the price paid; support calls would typically devolve into blame games and shit would not get done until I got out strace or ethereal and could call folks out on their shit.

If your org does not have a strong linux bench or the linux stuff is not a core infrastructure component, or if your CIO manages via powerpoint and bullet points, then outsourcing linux skills to RH could make sense.

Linux is free if you have a brain. (5, Insightful)

khasim (1285) | more than 2 years ago | (#37888340)

Since ANY system you use will require that you learn SOMETHING about it your title is misleading.

The scenarios are:
1. Your people can already handle the task
2. Your people need to learn more and do so without additional expenses
3. Your people need to learn more and do so with additional expenses
4. Your people need to learn more and do NOT do so
5. You outsource the project and dump the scenarios onto the outsourcing company.

It doesn't matter which platform you choose. So Linux is still free (and Free like speech) as long as you have a brain and can learn.

Call RedHat sales and ask them? (0)

Anonymous Coward | more than 2 years ago | (#37888112)

If anyone knows....

Give Em A Call (5, Insightful)

Frosty Piss (770223) | more than 2 years ago | (#37888116)

Give Red Hat a call. Seriously, if their sales department can't justify it for you, it's not justified.

Re:Give Em A Call (1)

wonderboss (952111) | more than 2 years ago | (#37888404)

Good advice. It is Red Hat's job to sell their support.

Re:Give Em A Call (2)

CuriousGeorge113 (47122) | more than 2 years ago | (#37888446)

This is really good advice. Not only will they give you some bullet points for making your case, but there's a good chance the account trip can give you a few discount points to try and win the business.

Re:Give Em A Call (4, Insightful)

King_TJ (85913) | more than 2 years ago | (#37888468)

Fair answer... but I'd say truthfully, the SALES department isn't really the group you want to rely on if you need an honest answer. It's their job to maximize sales, so you can expect them to sugar-coat a lot of things and exaggerate the usefulness and capabilities of whatever they're hawking.

They're not bad if YOU already know you want the product and want some more ideas to make a good case for it. But what I'm seeing here is a guy who seems concerned that businesses the size of the one he's in are "supposed" to be buying Red Hat to help support the project, yet they're opting out because they feel they can get by fine with a free alternative that wasn't necessarily made available with intentions of companies like his using it to bypass paying for Red Hat.

To that, I'd say -- no, Red Hat is a commercial business like any other. They're not a charity. The CIO may be the smart one here. I haven't had to work with Red Hat support before, but my workplace pays a lot of money out in support contracts that generally get very little real use. I think they pay for them primarily as a form of insurance, out of FEAR of what might go wrong in the future. Regardless, if I looked back for the last 5-6 years at all the maintenance/support agreements we own and tried to actually cost justify them based on incidents where we used them? Wow ... that would easily average out to several thousands dollars for each hour of time spent on the phone for support!

Re:Give Em A Call (0)

Anonymous Coward | more than 2 years ago | (#37888474)

This 1,000,000x. Let the salesmen be salesmen.

Support and Release Schedule (2)

bragr (1612015) | more than 2 years ago | (#37888120)

The only 2 reasons I can really think of are Redhat support (which, at the place were I work, barely gets used. In fact I believe we are migrating to CentOS because we can't justify the cost of support with how often we use it), and the release schedule, because it seems like CentOS is run by the seat of their pants, and they'll release when they feel like it.

Re:Support and Release SchedCentos, Seat of panule (0)

djsmiley (752149) | more than 2 years ago | (#37888192)

Seriously if you think centos is anywhere near cutting edge.... oh dear.

Re:Support and Release SchedCentos, Seat of panule (0)

Anonymous Coward | more than 2 years ago | (#37888218)

Seriously if you think centos is anywhere near cutting edge.... oh dear.

I do believe that's the opposite of what he said. They're not committed to a release schedule, so they're far behind red hat, releasing whenever they feel it's ready.

They are both awful (1)

Anonymous Coward | more than 2 years ago | (#37888124)

Centos is awful. I have no idea how to track security updates which is probably the most important thing. Other distributions have security updates linked from the front page and make things easy.

Tracking security updates should be your number one priority, everything else is easy.

What does support mean? (5, Insightful)

TheRaven64 (641858) | more than 2 years ago | (#37888130)

If you can't answer the question 'what does the support buy you?', then you can't answer this. Most of the time, when people talk about support at the enterprise level they mean adding features and fixing bugs that are important to the company paying the bills. Do you have the expertise in-house to do this? If so, then there is no advantage in Red Hat over CentOS (unless it means you can make some of your in-house people redundant). If not, then it has some value. If you can do it all in house, then do: that's the main economic advantage of Free Software, that you always have competition when it comes to providing support, you never have one vendor that is the only one that can fix the bugs that you care about.

If you can do it in house, then don't try to persuade your boss to let you pay Red Hat, persuade him to let you send any fixes or enhancements that your team makes to the relevant upstream projects. This is likely to be much more valuable to those projects than your handing over a pile of money to a third party.

Re:What does support mean? (3, Insightful)

Kjella (173770) | more than 2 years ago | (#37888478)

If you can't answer the question 'what does the support buy you?', then you can't answer this. Most of the time, when people talk about support at the enterprise level they mean adding features and fixing bugs that are important to the company paying the bills. Do you have the expertise in-house to do this? If so, then there is no advantage in Red Hat over CentOS (unless it means you can make some of your in-house people redundant).

The real question is: Have you ever used your fire insurance? If no, do you think it would be a good idea to drop it? I'd call it excessive if you used it even once a decade. Most companies I know really have support because they can't afford to have a big staff waiting around for shit to hit the fan, but if shit hits the fan they can't afford extended downtime. What if your main man is on vacation or hospitalized or just left the company? The minor features and bugs that get fixed might be perks but that's not really why they're paying. And that's why the CIO's suggestion might work fine this year. And next year. And the year after that. But when your production server just keeps crashing and the backups just keep crashing because it's hit some ugly condition and you need people that really know the system and you need them right now, that's when you want support. But it's rather hard to argue with a man that think lightning never strikes.

Look on the bright side... (0)

Anonymous Coward | more than 2 years ago | (#37888134)

If your CIO would rather pay you for support than contracting with Red Hat for it, you're getting that much more job security.
I work for a institution which uses Red Hat, and honestly we haven't gotten any support from them in the 18 months I've been here.
I'd much rather use a Debian based distribution (like Ubuntu), because upgrading is easier -- currently we're struggling to migrate from RH 5 to 6.

or... when Debian exists! (0)

Anonymous Coward | more than 2 years ago | (#37888140)

I also use centos, scientific linux and redhat, but prefer debian...

Have it put into writing. (1)

digital photo (635872) | more than 2 years ago | (#37888150)

Seriously, if your recommendation was to go with a product with paid support and your CIO is opting to go the other way, then get it in writing detailing the exchange. Nothing wrong with Centos. Nothing at all. Great platform and great support. However, there are products out there, or drivers for said products, which will ONLY work on a RHEL box because of RPM package dependencies or library linking to libraries of different names/etc. When that time comes up and it results in downtime, you don't want your manager or worse yet, the same CIO riding you for an answer as to why it is taking you so long to get a "standard" RPM installed to get things working again.

I've used RHEL, CENTOS, Oracle's EL, and Ubuntu... and there is ALWAYS something that needs a driver or a package installation that breaks because it didn't support the distro/flavor/version you have installed. Alien and other tools can only do so much... you don't want to be pulling your hair out at 2am in the morning... or worse yet, at 2pm in the afternoon, during a deployment/conference/expo/etc.

Tell me again what the problem is here? (1)

Kjella (173770) | more than 2 years ago | (#37888152)

The boss doesn't believe in support. CentOS is a product with no support. Do it, and if shit hits the fan you have your big "I told you so", hopefully in writing. If it all goes to hell, show that to his boss, assuming he has one. It's one thing if management doesn't understand, here they apparently do understand but disagree. Then they're free to fall on their own sword IMO.

Ethics (0)

Anonymous Coward | more than 2 years ago | (#37888156)

This is about ethics. Companies don't act ethically. It's that simple.

On the other hand chosing software without commercial support makes the IT people in the company less expendable. It's not ethical, but going with CentOS puts you in the position of power. Getting a raise will be easier....

Re:Ethics (1)

mabhatter654 (561290) | more than 2 years ago | (#37888428)

And the first time that bites the other "C" guys in the ass the whole department gets shipped to India, damn how much it costs.

Maybe this is a non-critical business that can afford time to fix things. But if the CIO thinks lack of payed support makes your team MORE valuable, it ALWAYS backfires. IT is always expendable.. We make too much money and aren't part of the "golf and hookers" culture. They'll never really trust us.

Typo in headline (1)

lexcyber (133454) | more than 2 years ago | (#37888158)

How can I justify redhat or redhat-based distribution when there is debian?

CentOS has it's own problems (1)

Anonymous Coward | more than 2 years ago | (#37888160)

There are other issues with using CentOS instead of Red Hat. As of late, the timeliness of updates has not been acceptable for a security minded organization. The leaders of the project have shown no desire to open up the process to other contributors from within the community. It's gotten bad enough that quite a few companies that I consult for have started switching to Red Hat (or Scientific Linux). I think it's a fair assessment to say that the future of CentOS as an enterprise distribution is in question.

If your CIO won't consider paying for Red Hat, you owe it to yourselves to look at SL. It's backed by quite a few research organizations and universities. They release quarterly status updates. They turn out updates significantly faster than CentOS (many months faster for 6.0 and 6.1) and security updates for packages are faster as well.

Paid support (1)

nurb432 (527695) | more than 2 years ago | (#37888162)

From the people that created what you are using.. That is justification enough.

Having someone else to point fingers at when things fail should not be discounted.

Re:Paid support (1)

sjames (1099) | more than 2 years ago | (#37888366)

You'll never be able to sell the blame game to the person who would be looking to assign blame. That's an argument you can make to middle management, not a CIO.

we have 3000 linux machines (0)

Anonymous Coward | more than 2 years ago | (#37888164)

1/3 of them desktops, 2/3 of them render farm. We have no support of any kind.

Business Case (0)

Anonymous Coward | more than 2 years ago | (#37888166)

The -only- way you'll persuade the business mindset is to write the business case as to why to use Redhat over CentOS. So, either go with the flow, or use your spare time to create the convincing argument f

Depends.... (2)

larien (5608) | more than 2 years ago | (#37888170)

This very much depends on the organisation and the risk appetite.

If you have a technically skilled support team who are willing and able to get into a bit of C coding, the "free" linux distros are viable. If your support staff are pure admins and don't do C coding much/at all, they'll struggle to maintain Linux without someone like Redhat backing them up.

Also, it depends on the app - if it can fall over for 2 days at a time without much of an issue, who cares about support? If an hour of downtime is a big issue, you need someone who is able to fix it Right Now (TM). If your local team is good enough, that's fine, but mailing list/forum support of free software is down to the goodwill of the community. They don't care if your app is down, they have day jobs and social lives as well. With Redhat, you can get someone on the end of the phone 24x7.

Re:Depends.... (1)

vlm (69642) | more than 2 years ago | (#37888348)

they'll struggle to maintain Linux without someone like Redhat backing them up.

I have to call that out. It has not been 1993 in almost 20 years.

Re:Depends.... (1)

larien (5608) | more than 2 years ago | (#37888494)

Ok, scenario time:

One of your key system daemons has just crashed (SEGFAULT). Restarting it causes yet another crash; what do you do? If you know C coding, you start doing stack traces. If you have a support contract, you call them up. If you have neither C skills or a support contract, you hope like hell that Google can help you. If not, you're reliant on someone on a webforum/mailing list helping you out, possibly including handholding on "how to run a debugger on a core file".

I don't care whether it's 1993 or 2011, the fact is if something goes wrong, you need someone who can investigate, find root cause and recommend a fix. That pretty much has to be a skilled internal admin with C skills or a 3rd party support contract.

It's easy to maintain an OS (Linux, Windows, Solaris, AIX, whatever) when things are working, the problem is what you do when things go wrong. That's when you need the support.

What do you want? (2)

0123456 (636235) | more than 2 years ago | (#37888172)

CentOS is good but slow; AFAIR Red Hat are working on 6.2 whereas CentOS 6.1 isn't even out yet. I use CentOS on my telecommuting system but considered paying for Red Hat last year when security patches got weeks behind.

So CentOS will save you some cash, but if you want to keep the OS up to date with fixes then you'll need to spend some money and buy Red Hat.

Re:What do you want? (1)

Pharmboy (216950) | more than 2 years ago | (#37888330)

To be fair, CentOs is pushing out all the 6.1 security releases to 6.0 users (like myself), so it isn't quite as bad as you state. Granted, it isn't great, but the systems are still fairly secure.

That said, I would be lying if I didn't admit I have been looking at Scientific Linux, only because I cut my teeth on RH back in the 90s and used to the layout, and Scientific may have a better product when it comes to updates.

Re:What do you want? (1)

0123456 (636235) | more than 2 years ago | (#37888380)

Yeah, we've switched a number of CentOS systems to SL over the last few months. I've considered doing that with my telecommuting box, but since I'm connecting to CentOS 5 machines I'd rather have the same OS here.

Go with CentOS plus one action (2)

mbkennel (97636) | more than 2 years ago | (#37888174)

Go with CentOS as the CIO asks, and suggest one additional action: a modest donation to the CentOS team (less than RedHat support of course).

The real motivation is to get on the good graces of the primary CentOS developers/packagers, and develop a relationship so that if the company runs into something very difficult that they can't solve at once, they will pay for some direct one-on-one consulting from these developers as needed, and not as an ongoing expense.

Lack of confidence? (1)

Anonymous Coward | more than 2 years ago | (#37888178)

Your CIO is already paying you. Do your job correctly and your CIO won't need a support subscription.

If your concern is over the ethics of it, wash your hands because it's not your call. When you get to be CIO you can make decisions about where to spend the IT budget. Raise your concerns, do what you are able and move on.

We use Centos at work... (2)

djsmiley (752149) | more than 2 years ago | (#37888180)

And while sometimes the community is great, other times they make me want to stab myself in the eyes.

It really depends how deep into system your getting. If its the kind of thing that could run on ANY linux distro, you'll be fine as there is such a large community that can help. However if you find issues which crop up perticuallry with _centos_ and nothing else, and you require something which isn't "normal" in centos.... i.e.. not in the repos and your not happy building software yourself (which is kind of silly in linux but wouldn't surprise me these days) then you could be well and truely out of lucjk.


If you can admin yourself, build your own software and fix it yourself - centos works fine
If you can't, you need that levle of extra support red hat offers.

Disclaimer ( I've never used red hat technical support, but have worked with random other companies who do technical support as my roles in IT work places and I think I know what to expect.

What's the issue? (0)

Anonymous Coward | more than 2 years ago | (#37888182)

The summary doesn't state why the person posing the question wants to pay for support. Do they not have the expertise? Is it a simple matter of wanting to support a Linux company? It sounds like the CIO is, reasonably, looking to get a good deal on their software purchase. If you can't give them a reason why Red Hat is the better option then I don't see what the problem is.

Your boss is in the minority (1)

etymxris (121288) | more than 2 years ago | (#37888190)

From what I've seen, large enterprise customers prefer to have support. Many will in fact not use anything that doesn't have "enterprise class" support. Maybe your company will be fine without such support, but then again, maybe it won't be. When shit hits the fan the CentOS developers aren't going to help you out, and Red Hat certainly won't either. But if you don't think you'll ever have a problem with the OS or a distro provided package, then go ahead.

I sympathize with your boss's disposition. Paid support often is absolutely worthless. I don't think Red Hat's support is worthless though.

He's the CIO, what is your justification? (1)

Anonymous Coward | more than 2 years ago | (#37888194)

It seems like the only reason you've outlined is "because we have money". What is your justification for wanting to use something that costs money (usually not a small amount either). If you really just want to spend money, you could always identify those instances where RHEL support will buy you something beneficial and spend it on those. Alternatively, you could donate (equipment or money) to the CentOS project.

How can you justify using Red Hat? (1)

lanner (107308) | more than 2 years ago | (#37888206)

In order to make the headline question nice and small, you didn't specify why you want to use Red Hat over CentOS.

Was it because you find the support from Red Hat valuable? You've had trouble in the past and really want to be able to get some technical help when problems come up?

Was it because you just want to make sure that Red Hat gets paid for the work they have done, or which the CentOS goons just leach off of?

Personally, if my direct reporting manager made such as requirement of me, I'd just up and quit. Actually, I already did that, and recently. That being said, I'm a Debian guy so I don't really have this particular problem, but when PHBs make demands of saving money now in the name of causing problems later, I'm out of there.

Red Hat isn't a charity (1)

FoolishOwl (1698506) | more than 2 years ago | (#37888210)

The only thing it lacks is support, which the CIO doesn't want.

The only real question here is whether the CIO is in error about whether you need a support contract. If you don't need a support contract, it simply doesn't make sense to use Red Hat instead of CentOS.

Red Hat is a profitable company. They make money by selling support contracts and by providing training and certification. Training for Red Hat is training for CentOS, and software developed for CentOS is software developed for Red Hat, so Red Hat actually stands to benefit from the popularity of CentOS.

Security, CEO/CIO due diligence (1, Interesting)

syousef (465911) | more than 2 years ago | (#37888212)

Centos is a community effort and would be easier to infiltrate and infect with malware than official Redhat. While it's not the most likely scenario, the CEO and CIO may find themselves in a position where it could be argued that they did not exercise due diligence and care should your company lose data or be compromised in some other way. The breach doesn't even have to be related to Centos itself. They just have to be audited or investigated for some sort of breach and it happens to come up that instead of going with a cheap and trusted supported and paid alternative, they got cheap and greedy and cut corners.

The only problem with this line of argument is that it can backfire big time: the execs may panic and go too far - for example banning all open source or free software.

Support contract of third party app... (0)

Anonymous Coward | more than 2 years ago | (#37888214)

Why you needed Redhat? Does any application requires, as a contractual clause, the use of a "enterprise" distribution as Redhat Enterprise or Suse Enterprise? IBM, Oracle and may other ISV vendors require this to have support for their product. This is the ONLY reason I see you would need a "enterprise distribution"... and, true to be told, even with your contract support, if you aren't a big customer (believe me I work for one of those two) is fairly remote the support you will get, and not much different than the support or information you could get from your google-fu skills. If you are worry about support, contact local linux enterprises and ask for a bid for support... with Linux, you will have troubles very early in the implementation, or relatively easily identifiable hardware issue (yesterday we had network, not today). If you get "random issues" that could be 2 things... software (specially if you are using java) tne 95% of the time, or faulty ram...

But for example, you have faulty ram, they you are in the need of better hardware, with hardware based memory error detection, and if you are worry about future issues because your skill level, Improve it, and make tons, and tons of backups...

Don't spend the enterprise money in software licences, better use it to get MORE and Better hardware....

Support (1)

devnullkac (223246) | more than 2 years ago | (#37888222)

There's really only one question to ask the CIO: if we're not paying for support, what will we do if we encounter a problem in the OS that we do not have the expertise to solve?

If you've got a Scotty-like reputation for problem solving, then it may simply have never occurred to the CIO that there's a problem you and your team can't solve. Make it clear that there are specialized areas of expertise involved here and you don't staff to investigate and solve them all. If you're running a mission critical system, then time-to-resolution matters. With Red Hat you can presumably get a service level agreement with a time-to-resolution clause. If you're just Googling and begging for help on forums, you can't make any guarantees. The CIO may assert that this is a reasonable risk. Make clear that it's his risk, not yours, and if failure comes knocking, make sure it's at his door.

Get what you are told if you have it in writing (1)

asdf7890 (1518587) | more than 2 years ago | (#37888228)

If you have the conversation in writing where you have recommended RedHat and why but you have been told to get CentOS instead, go CentOS. Chances are all will be well and it will be money saved. If something does go wrong that a support contract would have dealt with, no one can blame you for choosing CentOS over RedHat and you might even get a few hours paid overtime fixing the issue yourself...

Liability (2)

Yo Grark (465041) | more than 2 years ago | (#37888242)

The only thing I can add is Liability. RedHat assumes some liability in the day to day operations of your company. Liability which if you sell to customers (aduh) they require for certain forms and certifications. Insurance is not enough. We're talking SOX, we're talking HIPAA etc. At the end of the day though, just remember that these are just tools. No different than someone saying "I want a stanley hammer" and you getting a black and decker.

I've written a few whitepapers on Support and Maintenance, and in my surveying of customers, liability or the ability to checkmark that their supplier/vendor has liability for the code they use to produce their goods has been a very GOOD thing in a few cases like government and lawfirms.

Yo Grark

Why? Simple, lack of security updates (2, Informative)

Anonymous Coward | more than 2 years ago | (#37888244)

CentOS went three months without a single security update earlier this year, who in their right mind would touch it given that history?

Re:Why? Simple, lack of security updates (2)

VenomousGecko (659254) | more than 2 years ago | (#37888292)

I agree with this. I have had customers running RHEL and CentOS and there have been a few times where CentOS does not keep pace with RHEL (most notably with the RHEL 6.x release). Support for issues is one thing but if the OS is not patched because the vendor, in this case CentOS, does not push them out then what recourse do you have as a CentOS user? You didn't pay for it so, to be blunt, "Sucks to be you." You take your chances when you choose CentOS for production environments.

Re:Why? Simple, lack of security updates (0)

Anonymous Coward | more than 2 years ago | (#37888438)

CentOS went three months without a single security update earlier this year, who in their right mind would touch it given that history?

It's fine for development systems that need to operate certified software. Only a clueless spreadsheet monkey would try to save a few bucks by deploying it on a production system that's accessible from the internet. Whoever posted this question should forget about arguing with his CIO, it's pretty useless. And he should get his parachute ready because if these systems get hacked that CIO is going to make sure the fan is pointing his this guy's direction when the shit hits it.

Why are you so insisting on Red Hat? (0)

Anonymous Coward | more than 2 years ago | (#37888248)

If CentOS does the job equally fine, why do you insist on paying for Red Hat? Don't you have people around who will make sure your project works? Do you really need others to do it for your company? (re: red hat support)

You pay for it one way or another (0)

Anonymous Coward | more than 2 years ago | (#37888252)

I suspect your CIO feels this way about paying for support because he/she is surrounded by highly skilled technical people. Most any problems are thereby expected to be solved in-house. Regardless, its something you probably can't influence one way or another, unless you're willing to commit to a Corporate Re-education Campaign. As with all things with management, YMMV.

Either you pay for it by having to keep technical staff on hand that are able to solve problems (e.g. read documentation) or you pay for it by buying a support contract. It's definitely cheaper to buy support contracts than to keep a few experts on hand. But then you also run into the gray areas when trying to gauge what's appropriate. In the case of Red Hat, the support isn't that great in my past experience. For example, if you have an issue that is kernel related, it will take a while to get you up and running again. In some cases you can end up with a reasonable workaround, but that's not a given. If asked, I would probably side with your CIO to opt out of paying for Red Hat support. The value in Red Hat support is the updates, but you get those for free with CentOS.

A good backup plan (1)

nukem996 (624036) | more than 2 years ago | (#37888286)

RHEL support gives you a very good backup plan. If something goes wrong with your Linux systems they will stand behind it and help you get it right. CentOS your on your own. While that might be fine most of the time a case could come up when no one on your team knows how to fix or do something and your stuck. RHEL will help you through it in a timely manner while CentOS might lead to long down time. As others have mentioned CentOS is way behind on building updated packages. Because of this you may be open to a security hole for much longer then you would with RHEL. The other thing to keep in mind is if your using any third party software they won't support you running CentOS. If your CIO really wants a free Linux distro I would go with Ubuntu. Your getting the same binaries are the paid version and if something bad happens where you need support you can get it pretty easily.

Re:A good backup plan (1)

nukem996 (624036) | more than 2 years ago | (#37888392)

The other thing I forgot to mention is if you do run into a bug RHEL is much more likely to fix it in a timely manner then CentOS will. This is especially the case if you run into a bug that is unique to your situation.

Ask the CIO: will we be opensourcing our software? (1)

jerryasher (151512) | more than 2 years ago | (#37888304)

I've been on many projects that opted for Centos over Red Hat, and some in which the CIOs demanded Red Hat over Centos. All on various perceptions of what free means and what paid for means. Sort of a Rorschach test.

If you feel strongly about this, you might ask the CIO if you folks will be open sourcing the software you write, and if not, why not.

Penny wise and pound foolish. (1)

Wakko666 (103050) | more than 2 years ago | (#37888316)

Ultimately, it's a question of paying in dollars or paying in other resources, such as admin time.

Instead of paying Red Hat to spend their time supporting their OS, he's going to be paying his own folks to provide that support. There will be no guarantees about how quickly vulnerabilities are addressed, no guarantees on when his systems will receive updates regardless of severity. His admins will be dedicating time to supporting the OS that they could otherwise be spending building *on top of* that base OS.

Free may save him some dollars in the short run, but as someone who's done sysadmin and ops work for the last decade, I can say with certainty that he *will* be paying those exact same dollars (or more) over the long run. Maybe he's okay spending dollars out of operating expenses rather than capital expense, but one way or another, those dollars will be spent. The main question he should be answer is how much value he's really receiving for those dollars.

In my opinion, he should spend the money on RH entitlements and let his sysadmins work on projects that aren't simply reinventing the same wheel.

This also doesn't get into any of the value-add stuff that the RHN or RH Satellite provides, such as easing and speeding up the audit process for SOX and PCI audits.

Support, up to date products + perfect parachute (0)

Anonymous Coward | more than 2 years ago | (#37888326)

CentOS cannot have that - as someone said, CentOS is 6.1 barely, RH is 6.2.
I do understand why you want to buy RedHat. It's the support, but it's also buying from the cow, since RH are one of the largest (if not the biggest) contributors to the Linux kernel + many other stuff. I think it's the fair place to put your money, but if your boss doesn't understand that, try to make him understand the dangers of being out there in the open without guarantees (things that RH offers). Like patching a vulnerability in a specified time limit. You know, the kind of stuff that will save you from leaking client data and other things similar. CentOS can never provide that, nor can they be made liable. Tell him that RH is his parachute if something goes awry - and he will not be held responsible if he made the right decisions.

For the guys that recommend Debian: while I admire the wonderful debian tools, that's about it. RH invested a lot in the core OS and I think that Debian also profits from the success of RedHat. While I do agree that Debian is great, I don't recommend it for enterprise.

That's why people buy Windows, btw. It's because they have the perfect parachute in the MS support.

Your CIO geenralizes a little bit strongly. (1)

drolli (522659) | more than 2 years ago | (#37888346)

> Our CIO is convinced that technical support for any product is worthless.

I know of people who were lucky to have bought Redhat on a supported Hardware and getting a quite subtle question about a specific raid controller config which blocked them from using their compute cluster answered promptly.

Why do you want to (1)

sjames (1099) | more than 2 years ago | (#37888350)

You haven't given us any information to work with. The best I can infer is you want RHEL because the company has money. That's not a reason.

WHY do you prefer RHEL over CentOS? Are you at all likely to encounter an issue covered by RHEL that you can't solve in-house? If so, wehat sorts of issues? Are they things your department is supposed to be able to handle?

Bug fixes (1)

tanawts (786512) | more than 2 years ago | (#37888352)

With commercial support, if and when you find a bug in the distribution, you have the means and leverage to have the bug fixed and possibly interim workarounds.

I work on an Open Source project (0)

Anonymous Coward | more than 2 years ago | (#37888354)

I work on an open source project which shall remain nameless. Myself and the other maintainer both work on Commercial projects that use said project and both of us have a similar philosophy when it comes to bug fixing. If it effects the people that are paying the bills fix it, if it doesn't review patches (when we get time) and accept them if they don't break our uses of it. When it comes to RH or CentOS your choice is to be the customer or to be the random dude with a bug report. If you have the technical expertise to fix bugs and possibly manage custom versions of software if upstream doesn't accept your changes go for the "free" version, otherwise you are better off paying someone to do that for you.

No Brainer For Me (1)

StormReaver (59959) | more than 2 years ago | (#37888356)

I tried putting a client on CentOS 5, and it was a disaster. EVERY Qt or KDE program randomly crashed on startup (sometimes it would run, sometimes it would crash), but there was no rhyme or reason to it. After limping along this way for a few months, they insisted that I do something. I removed CentOS, and replaced it with Kubuntu. Not a single problem since.

CentOS had demonstrated very poor quality controls, so I decided to stop using it. For customers with 3rd-party software that must run on only officially approved distributions (which boils down to Redhat) such as Oracle or ESRI, I use RHEL. For everyone else, I use Kubuntu. CentOS will likely never see another installation on any server I manage.

The CIO is correct. (1)

SuperQ (431) | more than 2 years ago | (#37888370)

The CIO is right for the most part. But I would say this. You will need to replace the redhat support with one extra FTE in order to make sure that security updates match what redhat is doing.

I can't see why anybody would use redhat (0)

Anonymous Coward | more than 2 years ago | (#37888376)


Upgrades are worse than windows. Package manager is only recently catching up (but not yet met) where other distros have been for decades. C'mon, why RH OR CentOS (which suffers the same shortcomings as RH). I haven't used any other distro that recommends against an upgrade. Also, what is with needing a CD to upgrade even if you are willing to "risk an upgrade". RH does upgrades the worst of all distros, I think Debian does it best. just a simple command to upgrade a host to the next major version, and there are tons of Deb systems that have been through many version upgrades, and work perfectly (no "risk" here).

The only reason we have ever run a RH or CentOS box is when a commercial vendor requires use of this inferior distro.

RH also packages almost nothing. Had a box running one of those commercial apps, and RH (not centos), and it needed some sort of AV. RH didn't even package ClamAV! (not sure if this has changed with recent versions, but, again, c'mon!

What about Oracle Linux? (1)

hejish (852589) | more than 2 years ago | (#37888384)

If you consider CentOS, have you considered Oracle Linux. Why I've used RedHat: I use software packages not supported under CentOS. Those packages (including Oracle database software) are supported under Oracle linux. With Oracle Linux, you can choose to go a very-much-like CentOS path and not get support and not pay, or you can choose to pay and get support where you need it. Real support, not the "it is better to get help from the community than expect actual help from the company you are paying" kinds of support. I am NOT an Oracle linux user. I am evaluating this issue right now.

Support = you (3, Interesting)

vlm (69642) | more than 2 years ago | (#37888394)

The only thing it lacks is support

That's you, right?

Its a whole different ballgame if the boss is willing to hire someone who happens to be a dev for the OS.

That is roughly the position I operate in since 1997, but in a Debian world.

You Can't (0)

Anonymous Coward | more than 2 years ago | (#37888400)

Under the context you describe you can't justify Red Hat.

The CIO has determined that his strategy is to take on support risk in house. That may mean that he pays for experts he controls, it may mean he has an operational strategy that makes the impact of technical incidents related to the OS have less impact, or it may mean he ignores the risk because it isn't likely enough to occur or if it does occur isn't a big enough of an impact economically to justify the cost of vendor provided support.

The reason he has chosen this strategy is relatively unimportant (unless of course he has solicited your input on the strategy). Under his current strategy the decision to use CentOS even if you can afford RedHat or even to build your own OS is irrelevant. Take a requirements based approach, determine what your operational and non-functional requirements are, and implement his strategy to meet those requirements. When you're CIO you can change the strategy.

3rd party software certification (0)

Anonymous Coward | more than 2 years ago | (#37888416)

What if you've got to use RedHat with a closed source solution... and that solution is buggy an requires undocumented tweaks? Having Redhat support in the loop could help take care of that. Is the configuration your using even supported?

YOU are the ongoing support contract. (0)

Anonymous Coward | more than 2 years ago | (#37888418)

I think what you don't realize is that you have a very forward-thinking CIO who supports open source so much he's willing to hire staff to implement and support it. If you find a bug in centos, fix it on the job. Get paid for your time. Submit a patch to the community. There: you're a paid open source developer. Are you failing to see how awesome your boss is being?

Lacks more than about: QA, certs, RHN.. (1)

dAzED1 (33635) | more than 2 years ago | (#37888420)

"The only thing it lacks is support, which the CIO doesn't want"
There's more than that it lacks, even for the basic customer. Something more important (to me, at least) that it lacks - RHN. RHN is great. Yeah yeah, one can set up a spacewalk server and update locally. I know. But...why?
Another thing CentOS lacks which is extremely important in the industrys I tend to work in: certifications. Has CentOS been EAL certified at any level? No. Will the DoD let you use RedHat over CentOS? No. Will a PCI auditor be a fan of your use of CentOS for your externally-facing website that processes credit cards? No. Does CentOS have enterprise-level QA processes for each and every thing that they are (because they are...) modifying? No. Would the FDA be happy with an OS vendor with no QA process? No. What's the indemnification that CentOS will give you in suits against Microsoft?
It's not as though the options are "CentOS" versus "Redhat with full support" after all. There's the self-support option [] , which just gets you access to allllllll the other things. And you can even be "that place" that has 500 servers but only bothers getting 50, whichever, won't really matter except for the indemnification part.
I mean, what industry are you in that the question is even worth pondering? If you handle money, sensitive material, or PHI you'll spend WAY more than that tiny self-support price in the bribes and obfuscation necessary to get ok'd with CentOS. I mean hell, Fedora has a more extensive QA process than CentOS. Maybe you should just tell your boss you agree with him so much you think you should use Fedora!

CentOS Goes Missing (1)

Anonymous Coward | more than 2 years ago | (#37888422)

Yes CentOS is great in fact I use 5.7 as my webmail server, but what happens when the guy running Cent OS decides to vanish for 2+ weeks without anyone being able to get in contact with him as happened only about a year ago

Sorry, don't see Redhat doing that one....

Two words: RISK MANAGEMENT (1)

mikelieman (35628) | more than 2 years ago | (#37888432)

When your production instances running on Centos get rooted because of an unpatched vulnerability, and your company gets the same reputation for security as Sony, your entire board of directors will understand why you need support -- even if the CIO doesn't get it..

"Red Hat had this patched on 01-October, why were we still vulnerable?" is the kind of question a CIO hears right before he's fired...

IP Indemnification? (0)

Anonymous Coward | more than 2 years ago | (#37888436)

We have faced a similar question and ultimately went with Red Hat for the IP Indemnification found in their "Open Source Assurance Program" -- the way I understand it, if someone decides to pull a SCO, Red Hat will go to bat for us.

Three Reasons why you might want Redhat. (1)

Vellmont (569020) | more than 2 years ago | (#37888444)

1. Redhat provides more timely security updates. One ownag3 due to a patch being late in Centos, and your CIO will wish he had spent the extra bucks. This isn't terribly likely, but it should still be a concern.
2. Redhat provides indemnification. This can be a Big Deal if you get sued by someone. A large enough company with deep pockets is a target to be sued. (Patent lawsuits anyone?)
3. Redhat provides 24/7 support. Sure, your admins may be Super Great, and you never need the support, but what happens when the admin is on vacation, fishing in the middle of Alaska with no cell coverage? What happens when the Super Great admin finds better pay somewhere else?

With that said, I think Centos is a great option for a lot of people. I use it myself for my home machines, and have used it for small businesses. None of the above are terribly important for either of these cases, so Centos is a much better option. But at a certain point, largely dependant on company size, the above reasons are going to overshadow the additional cost.

Flat-out contradicting will not help. (1)

jimicus (737525) | more than 2 years ago | (#37888456)

There's a number of ways you can deal with this, but one of the most important aspects is how you approach your CIO.

I'd strongly recommend you pick up a copy of Dale Carnegie's "How to win friends and influence people". It's mainly aimed at salesmen but there's a lot of information in there that's useful for people in all walks of life.

Why we stopped buying RHEL (2)

digipres (877201) | more than 2 years ago | (#37888458)

Some years ago we set up all of our systems using RHEL with a paid support subscription. As a government agency we considered this the proper risk averse thing to do. When we had an actual issue that required technical support, we discovered that the people tasked with delivering the support were clueless and once the query was laboriously escalated up the chain, we found that we were met with apathy, not much more clue and no effort to dig into the issue.

So we changed to another distro, stopped paying for support, and on the occasions where we do run into something strange, a few minutes of web searching usually uncovers an answer.

It would be *very* hard to make a compelling case to us for paid support these days.

Why bother with Redhat? (0)

Anonymous Coward | more than 2 years ago | (#37888462)

What does Redhat support get you? In truth, it doesn't get you much at all. We pay for Redhat licenses, but we use Centos as well for dev & test environments. I don't really see what paying for Redhat gets us at all. It is a waste of money.

It's all about horses for courses. (2)

prowler1 (458133) | more than 2 years ago | (#37888464)

One company I worked at would _only_ let us use RHEL because it was an Enterprise level OS which meant if there was a problem with it, then we could get support if it was beyond the SysAdmins but mainly because it meant they had accountability.

Most of the other companies I have worked at have used CentOS because it is free.

If you need the support, accountability and the stability with release cycles and patches etc then go RHEL. If cost is a factor and you don't mind not having the backup there if things go really bad with support, go CentOS. Just weigh up the pros and cons and go in batting for the more appropriate solution.

I have to admit that the place where we used RHEL, management changed and the new manager in charge of signing off my PO's was a bit of a Microsoft fanboy and wouldn't approve the renewal of our RHEL support agreement because 'I don't see why I should pay for support for a free Open Source solution' which I got told after he spent a decent amount of money for an Exchange+Blackberry solution. Due to his attitude, we lost a sale to a bank after they did an external security audit on us and needless to say, he only kept his job for a few months after that. It didn't stop him trying to blame me for the servers not being under support, thankfully I kept all the correspondence about the situation :P

Now I am currently stuck with our preferred vendor for Linux being OEL (Oracle Enterprise Linux).

Sounds like you consider RH to be a charity (1)

petes_PoV (912422) | more than 2 years ago | (#37888476)

We are not those people. We have money.

So your argument is that you should pay for it because you can afford to. Not because you have costed the benefits or one solution or another, but simply to "reward" RH because your company is in a position to pay.

On that basis your CIO is making the right decision for the company and its shareholders.

there are other expenses (1)

YoungHack (36385) | more than 2 years ago | (#37888482)

To be fair to your boss, I've witnessed plenty of "issues" arise with different software platforms that had commercial support and where the vendor wasn't particularly interested in resolving the issue. Perhaps we weren't big enough fish in the pond. I've also watched IT staff use that as an excuse for failure. In my personal opinion, designing around a closed source solution and having poor response from a vendor shouldn't let you off the hook. In a way, it's worse than an open system, because often you can't even get into the guts of the problem to fix it, even if you might have the ability.

The cost to a company for using a commercial platform is not merely in the cost of the licenses, either. You have to also consider the cost of license compliance and tracking. The energy my workplace spends in a year on tracking "seats" and negotiating licenses for closed-source programs is just depressing.

One word CVE Support (2)

JTW (11913) | more than 2 years ago | (#37888492)

If you need to explain why you were hacked with a common exploit that's been in the wild .. say 12 hours after Defcon.. you need real support, even if it appears passive and monitors your vulnerability and sends you a little reminder to "patch". One of the realy nice things about Red Hat Network is it "proactively" monitors the status of your machines and "suggests" patching for specific vulnerabilities by CVE.

I can't imagine "anyone" with experience suggesting such a thing.

CentOS is great.. and has stated goals.. but no one is paid on the CentOS project to create patches and update systems using CentOS.. its best effort only. At times its only porting of a patch released by Red Hat with no testing. And it almost always, by definition "lags" behind RHEL. CentOS does not port forward, patches originate upstream and port downstream.

While some third party software that you buy will state "should work with CentOS" that rarely extends to "supported" since they would be on the hook to support the OS as well.. or defend their position its an incompatibility with CentOS.

The more binary capability you need the worse the situation gets, for example with Tape Libraries and Backup Software, Antivirus software, SarBox software.

You might get away with it for a very short time, but as the subrelease numbers increase the differences begin to appear.

The most sensitive point is CentOS cannot be recomplied to be identical to RHEL, they have to use different kernels and or compilers since they only have access to source.. so its not a true clone. It strives to be that, but its still not the real thing. And with recent changes in packaging greater differences are going to appear.

Its such an obviously, strange suggestion, its almost not really worth discussing.

People who arrive at a conclusion "irrationally" without all the facts can rarely be "reasoned" out of the conclusion.

Bottom line, it is not Red Hat Linux.. it strives to be as much as possible and that is its charter.. but there are differences.

Paying for support is a whole other issue.

Support can be defined to be "community forum support", "email support", "phone call support", "remote login and fix my problem support", "custom software development support", "patch support" which can be broken down into "security patch support" and "bug fix support".

At a bare minimum you want "security and bug fix" support that's the real reason for signing up for Red Hat Network. You get proactive monitoring and timely patches for known documented CVE exploits that are retroactively tested and easy to apply. You get access to a bug tracking and resolution system which lets you log a bug, and see it progress throughout the system. You get access to incremental subrelease media so that you can deploy new systems without rolling all of the patches released since the initial release across the new system.. it keeps the install system up to date and concise.

I mentioned before, but really like that the agent you run on the system notifies Red Hat of the patches installed, they diff those between what they know is available and proactively send you an email to remind you if one of your systems is "exploitable" by a known CVE. Red Hat documents or converts bugs into CVEs that are industry wide that can be referenced and tracked across distributions, even across different Operating Systems. That is "Hugely" important, it becoming the gold standard for stating "yes we are test and verified and safe from that exploit" to a co-worker, a boss, or a judge.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?