←back to thread

The state of Schleswig-Holstein is consistently relying on open source

(www.heise.de)
597 points doener | 2 comments | 07 Dec 25 13:21 UTC | HN request time: 0.479s | source
Show context
input_sh ◴[07 Dec 25 14:30 UTC] No.46181911[source]
I hate when switches like these get advertised first and foremost as some huge cost-cutting measure, further solidifying open source ecosystem as some cheap knock-offs of their commercial alternatives.

How about instead you donate the same amount of money you would've paid to Microsoft anyways to fund open source projects you rely on? At least for one year, then drop it down to some arbitrary chosen percentage of that cost. That way you can still advertise it as a cost-cutting measure, and everyone would benefit.

replies(17): >>46181952 #>>46181960 #>>46181973 #>>46182002 #>>46182008 #>>46182025 #>>46182301 #>>46182376 #>>46182422 #>>46182426 #>>46182799 #>>46183031 #>>46183033 #>>46183171 #>>46183399 #>>46185220 #>>46189421 #
hanshenning ◴[07 Dec 25 15:28 UTC] No.46182376[source]
You're not wrong, but this is actually what they're pursuing; the article just leaves it out.

> The goal is not only to save costs, but above all to gain digital sovereignty.

> [It's true] that open source is not necessarily cheaper, [..] it requires investment. But the money flows into internal infrastructure, into the further development of Nextcloud, LibreOffice, and other similar systems, instead of proprietary ones.

> Schleswig-Holstein pursues an "upstream-only strategy," meaning that developments flow directly back into international projects. The state does not want to maintain its own forks, but rather contribute all improvements directly to the main projects, thereby contributing to development for the benefit of the general public.[1]

On a side note, the real key to the project's success is that it's supported by a coalition of the conservative and green parties. They actually value digital sovereignty and longterm cost savings. Contrast that with Bavaria, where the MS lobbyist managed to get them to sign a longterm Office 365 contract…

[1]https://www-heise-de.translate.goog/hintergrund/Interview-Wi...

replies(2): >>46182729 #>>46182762 #
k1musab1 ◴[07 Dec 25 16:10 UTC] No.46182729[source]
Thank you for providing this valuable context. I am hoping to advocate for OSS transition in my workplace and these examples go a long way to help make my case.
replies(3): >>46183568 #>>46184627 #>>46189794 #
kuerbel ◴[07 Dec 25 17:54 UTC] No.46183568[source]
I am thinking about opening my own shop, distinguished by digitally sovereign offerings, for instance, Stormshield over Cisco, Proxmox over VMware, Matrix/Element over Microsoft Teams, Nextcloud over SharePoint...

I've been doing m365 and azure for more than three years by now and I just feel terrible. Especially regarding some of our customers, which are small gGmbH (kind of NGO). Instead of making a secure, privacy focused offering we just sell them the usual m365 package. We basically push them into the data industrial complex just to get some collab tools and mail.

replies(3): >>46184168 #>>46187059 #>>46189644 #
1. lormayna ◴[07 Dec 25 19:09 UTC] No.46184168[source]
> Stormshield over Cisco

Stormshield is a very good product but it's mainly designed for industrial scenarios and lacks some features that are essential for an enterprise NGFW (i.e. the protocol inspection covers very few protocols compared to PA/Checkpoint/etc). Unfortunately the enterprise NGFW scenario is dominated by US or Israeli companies, even if some niches brands like Stormshield for OT and Clavister for telcos are Europeans

replies(1): >>46191458 #
2. w34 ◴[08 Dec 25 12:25 UTC] No.46191458[source]
Stormshield firewalls offer a plethora of IPS protections and signatures, not just OT related ones. There are different licenses, offering varying protections and signatures.

Stormshield firewalls can certainly be used in enterprise settings. OT environments are an added bonus where Stormshield firewalls can be used as a protective layer.

Stormshield's IPS is its major strength, being very well integrated in the overall firewall design. The whole firewall rulebase is designed in terms of its IPS; I am not aware of any firewall on the market that has such a nicely integrated IPS.

Also, at the point where one runs out of IPS options to configure, whereby I'm not referring to signatures in the general sense of the term, and one also has adapted all of Stormshield's available signatures to the needs of the particular environment, the real fun of creating new custom IPS signatures begins.

Stormshield's roots date back to 1998's NETASQ, and so I would say they are of a similar pedigree as Check Point, in terms of their history.

Disclaimer: I'm a Stormshield Platinum Partner and hold a CSNTS.