Interview With Sancho Lerena From Pandora FMS
Hello Unixmen readers, today we have a special guest here at our desk! Ladies and gentlemen, we present you our friend Sancho Lerena from Pandora FMS. In case it doesn’t ring you any bell, Pandora FMS is a monitoring software which helps you to detect problems before they happen, managing your IT infrastructure: servers, networking and applications. So, if you want to find a job or if you are currently employed as Linux/Network Administrator then you should be aware of it. Here’s a little summary of Pandora from Unixmen.
Can you give me a quick presentation of your company and its features?
Artica is a software company based in Madrid (Spain), we started in 2005 and our first approach was to create an OpenSource based company who produced professional Open Source solutions specialized in security and networking, as the founding members we had experience in that field. From this approach and continuing my personal work in Pandora, which started in 2003, we developed and released three software projects: Pandora FMS: a full monitoring solution for servers and networks, Babel Enterprise: A security hardening system for servers, and Integria IMS: a full suite for support, project, crm and time tracking solution for SME companies.
We develop our software from scratch and accept contributions from both, individuals and organizations, with more than 30 people involved -in different dates- in direct development. All our projects are intended to be used on enterprise environments, so our user base is mostly professional users.
How did you come up with the idea of monitoring ?
One of my first jobs was in a networking & security department, we needed to know the status of all our equipment and most of important parameters were not “standard”, so the official monitoring software that this company used (HP OpenView) was not flexible enough to get the information we need. We also needed to have all information in several graphs and views, and doing that in OVO was a pain in the ass. I solved the problem with several scripts and RRDTool.
In my next job, as a security consultant, I had the same problem with a nasty firewalls from Checkpoint, based on BSD (IPSO). I came to the conclusion that the problem -getting the information from the source, and do things with the information- can happen several times, in different ways, with different technology and complex topologies, so I get to the idea of doing something very generic, able to deal with almost any kind of OS and software, and then Pandora was born.
Prior to create Pandora, I tried nagios -not useful for me, because I needed much more control on graph and numerical information, and flexible agents, able to deal with old versions of Solaris and AIX, and nasty OS, like IPSO. I also used cacti, but the RRD approach gets stuck with thousands of sources and you cannot SQL extract the information to produce nice “boss reports”.
Being myself a Greek, I have to ask you… is this related to Greek mythology?
That is a question almost all people like to ask, but from a Greek, much more :). The first I must say, it was a horrible name, share the name with jewelry and online radio was my worst marketing mistake, ever.
Of course, the idea of Pandora was very close to the original Myth: The idea behind the myth of Pandora’s box was something like “A single box, was able to control all dangerous things inside it”. The myth talks about what happen when somebody opened the box, but the fact that something “simple” can contain all the bad things in the world, so the Pandora Box itself can contain and control all worst stuff on the world: Powerful!… also, the name in that moment seems to be nice to me. Anyway, seems developers should not choose product names in most cases :))
I see that you have a pricing policy: Open Source, Small Enterprise and Enterprise. How difficult is to turn an open-source project into a profitable company?
Very, very, very difficult. The most obvious thing is plain simple: why something should pay when can get it for free?. Most pure opensource users, value the freedom of choice They get direct access to the sources, have open standards/interfaces, and are able to expand its features. Most pure enterprise users value price and features. So I put aside the kind of features enterprise users will value, and opensource users don’t care so much. It’s a very difficult balance, and I can understand that pure opensource oriented users can think about this model, but our opensource version is about 85% of code (about 0.5M lines of code) and not only functional, I know of organizations running OpenSource Pandora FMS, on more than 5000 servers, so OpenSource version is not a “toy”.
What about Pandora alternatives in the market (eg Nagios) ?
In my humble opinion, Nagios represent the past. I think Zabbix is our best competitor, other options like OpenNMS or several nagios-derivated projects are not so consistent and lack of important things like powerful agent monitoring, full SNMP operation or reports and screens. Most of them fail on enterprise big setups (>1000 agents). Zabbix people are doing a good job, too good :). We all are in the same “monitoring” segment, but are also very different. Other tools are like “crippled” software, sold as opensource, but not really operational for daily job.
What do you see ahead for your company in the next five years?
Increase our user base, and get reputation for having a rock-solid monitoring platform for all segments: opensource users, small enterprises and big & complex setups.
What can you tell me about your new product or plans for growth?
Mobile devices are changing the rules, so we need to adapt. Mobile interfaces, mobile monitoring and new uses of technology are coming. Nobody knows what comes next, but if it have connectivity, we can monitor it :)
Thank you very much Sancho.
Thanks a lot, Panos.