ITIL: Open Source vs. CommercialAs ITIL continues to gain converts, more and more support software is becoming available. Which is better open source or commercial? The debate continues.
The answer extends beyond the philosophical differences of the open source vs. commercial camps. For one thing, not all open source software is created equal therefore not all open source products will score the same.
Another advantage in popular open source solutions: they carry a bucket-load of features, often exceeding that of commercial offerings. The best solutions, said Drake, provide only the framework and allow the community to extend the solution. Nagios is a perfect example, he said. The community has gone wild and has extended the solution more than any commercial solution available. Hence, theyre the post popular monitoring solution.
While open source solutions can have as much as 10 times the features of commercial products, more is not necessarily better. It is relatively easy to get lost in the maze of features and the customization processes. Alternately, commercial solutions can also be too huge for recession-pruned IT teams to manage and too stiff to customize for a companys exact needs; all leading to waste in terms of cost and time. Customization can be overdone too. The key kink in the code chain comes from immature ITIL processes.
Implementing open source software in a case where the ITIL culture is not yet strong enough may cause an over-customization of the tool and thus cause the main objective of implementing ITIL to be distorted, said Alejandro Montini, manager of IT Infrastructure at Globant. By comparison, a solid commercial software offering can greatly help in streamlining and speeding the initial implementation of ITIL while avoiding deviations from the standard, he said. Oddly, even though Globant specializes in using open source software, Montini said he would dedicate all efforts to improving the overall quality of the company's services based on ITIL and I would select a commercial ITIL software to support this objective."
The biggest differentiator between open source and commercial ITIL solutions remains security. While commercial applications have their own vulnerabilities its much tougher to find those holes as the source code isnt available, said Drake. With open-source, the hackers can download the same source code and look for vulnerabilities or poorly written code from within the inside of the software. Heavily regulated industries will probably steer clear of open source solutions for fear of heavy penalties should a breach occur. It is hard to construct a winning court defense when the potential threat is known and well-documented in advance of deployment.