Risk
1/6/2010
05:27 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Red Hat CEO On Recession, Virtualization, Ballmer

Jim Whitehurst says his firm has encountered a "perfect storm" of conditions furthering its growth in recession.

Jim Whitehurst, CEO of Red Hat, says the deep recession "has been a perfect storm in a positive way" for his company, bringing more customers seeking lower infrastructure costs. Best of all, Red Hat's formerly sputtering JBoss unit's revenues are now growing faster than the company as a whole.

"With our recurring revenue model (annual subscriptions), we're not trying to fill the well up every quarter," Whitehurst noted in a breakfast meeting Wednesday in Palo Alto, Calif. As Whitehurst starts his third year as CEO, Red Hat reports that $164.4 million of its $193.3 million in revenue last quarter was from subscriptions, with some of Red Hat's top Advanced Server customers renewing their subscriptions for amounts of 127% of their previous contracts.

Whitehurst said many Linux conversions have been from Unix in the past, but during the recession, "more and more conversions [come] from Windows users." Red Hat Enterprise Linux now runs on 15% of the servers in the data center, he said. (Microsoft sees Windows Server on 70% of new servers in the data center.) Customers are coming to Linux "we say because of its high value. But it is open source and lower cost," which has a distinct appeal in hard times, he noted.

The downside is that the economy killed off many new application projects, and new projects tend to favor the use of Linux, Whitehurst noted.

Both Microsoft, with Windows and Windows applications, and Oracle, with Oracle Enterprise Linux (based on Red Hat Enterprise Linux) and Oracle applications want customers to buy a vertical stack of software -- applications and operating system -- from a single vendor.

Whitehurst says a vertical stack is the wrong approach. "Somewhere, Oracle has some customers that run that stack. What we hear customers saying is, 'We want a horizontal solution to the problem,'" or a general purpose operating system that works with more than one vendor's applications. With that strategy, Red Hat "has emerged as the clear number two operating system vendor," he said.

The modular nature of Red Hat Linux and JBoss is a plus as companies consider the impact of adding another commercial operating system or application server. Whitehurst claims the CTO of a Fortune 10 company told him recently that his company chose a three-year subscription for RHEL and JBoss over alternatives, not because of a savings on the initial license cost so much as "the hardware and other support costs of implementing a big, bloated piece of commercial software."

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

CVE-2014-6080
Published: 2014-12-18
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.