The term "users" has several connotations. End users often
want to meet other users of the system, to share ideas, problems and solutions,
and discuss the system over a meal or a beer. One of the best ways to do this
is with one of our
User Groups worldwide.
Another connotation of the term is "who is using the system, and for what?",
and that is the subject of the rest of this page. These companies and organisations trust OpenBSD's rigorous code audit
and security-first development model. They use the system to build firewalls,
intrusion detection systems, or general purpose servers.
University researchers and IT department developers often
have similar security and stability requirements and choose OpenBSD.
Many Internet Service Providers find OpenBSD's
security features hard to resist.
If you would like to be listed on this page, send the information to
NOTE: For reasons of security, companies can ask us to withhold
their names, or those of their clients. They would then appear as
Amnesty International is a worldwide campaigning movement that works
to promote all the human rights enshrined in the Universal Declaration of
Human Rights and other international standards.
Amnesty International is using OpenBSD for network firewalls and for
Virtual Private Networks (IPSec) between its sections around the world.
ENEP Iztacala is one of UNAM's peripheral
schools. UNAM is Mexico's largest University, with over 250,000 students,
and at ENEP Iztacala we have a bit over 10,000 students. This is mostly
a health-oriented campus, so the computer area is not a big one.
We run as servers currently two OpenBSD, one Solaris and two Linux boxes.
With OpenBSD we handle the main web site (happily running on a 7-year old
Sparcstation 5), part of our mail accounts and our firewall.
There are two aditional OpenBSD computers, in our development area. One of
them acts as a network monitor (using Snort) and will shortly be moved to
sit next to the firewall, and the other one serves as an OpenBSD CVS
We do not do run very creative stuff, we just use OpenBSD for what it does
best: run smoothly, even on older hardware, freeing us from most concerns
and doubts we have about our other operating systems.
We also host a Spanish OpenBSD mailing list (email@example.com).
INFN Italian Institute of Nuclear Physics, Florence, Italy
This non-profit government research and academic institution uses OpenBSD
for domain name service and IPF firewall packet filtering.
Prague Institute of Chemical Technology, Czech Republic
The university uses OpenBSD on PCs to provide WWW, mail and shell access to
staff and students, and on a SPARC IPX for a time server and secondary DNS.
The admin stations also run PCs with OpenBSD.
Justin Smith, Drexel
Justin Smith teaches in the department of Mathematics and
Computer Science at Drexel University. He writes:
"After several break-ins, I converted my system from Linux to OpenBSD. Now
it runs all the software I used to use in Linux, including a full-featured
desktop (Helix Gnome), research and productivity software; Web pages for
courses I teach; and software to administer and grade exams (the break-ins on
my old Linux system always occurred during exam times). I was also attracted to
OpenBSD because of the superiority of its UVM virtual memory algorithm (also
used by NetBSD)."
Sonora State Electoral Council,
El Consejo Estatal Electoral del Estado de Sonora usa OpenBSD para proteger
sus sistemas, estas aplicaciones estan en linea a traves de Internet, dando
resultados electorales al usuario, su red privada esta protegida por
usuarios internos y externos.
This government agency uses OpenBSD as a means to protect its
network as well as for intrusion detection. The OpenBSD based VPN
provides online electoral results to both internal and external users.
The University of Alberta
uses OpenBSD on SPARC and Intel hardware for proxy servers, Kerberos
servers, print servers, service monitoring, pre-emptive security
scanning, and incident response. OpenBSD on Intel Hardware is used
for Firewalls and Lan-to-Lan VPN for the university's secured subnets
behind which all the University's new administrative systems
reside. OpenBSD is used for authenticating
gateways in front of public labs and public ethernet jacks in
approximately 40 locations across campus (about 1500 seats) to help
secure public internet access. The Department of Computing Science is using two
20 seat OpenBSD labs for undergraduate instruction.
The University of Michigan's
Center for Information Technology Integration (CITI)
The CITI laboratory uses OpenBSD as the basis
for many intensive research projects.
OpenBSD is used for developing and analyzing
contents and protocols, both in isolation and in real
applications. Plans are underway to issue cards
containing secure tokens for user logins and kerberos ticket acquisition.
OpenBSD is also used as a test platform for the
program at CITI. Internally "The Packet Vault" is an
OpenBSD machine that captures and records on cd-rom every packet on the
local 10 Mbps ethernet. Packet contents are encrypted to comply with
privacy requirements. This practice is used for intrusion detection. In
addition, a number of people within the department are using OpenBSD as
their primary operating system.
The University of Minnesota
This university uses OpenBSD on Sun Sparc workstations for network monitoring
and capacity planning. They query 53,000 (as of May 1999) different interfaces
via SNMP, logging more than 250MB of SNMP data to concatenated disk for
processing each month.
Uppsala University Hospital, Department of Infectious Diseases
The department uses OpenBSD for intranet servers, as well as for firewalls and
gateways to the Internet.
This software giant uses OpenBSD on a number of their network firewalls
and network testing systems.
The gigabit ethernet
hardware manufacturer, uses OpenBSD machines in varying capacities ranging
from testbeds to gateways.
CORE SDI S.A.
An Information Security company based in Buenos Aires, Argentina uses OpenBSD
as the main platform for operation and development of information security related
products. "The robustness, portability and commitment to security
of OpenBSD, as well as the ability to run on different hardware platforms,
provides an ideal operating system for environments where security and high
availability are major concerns", says Ivan Arce, CORE SDI's CEO.
FSC Internet Corp.
A large Information Security and Internet development firm located in
Toronto, has used OpenBSD and its IPsec support to construct
a secure and flexible VPN for a multi-billion dollar client. "We are
delighted with OpenBSD's performance, reliability, and pro-active
attitude towards security," says a company spokesperson. "We intend
to use OpenBSD in many future projects. We believe strongly that
open-source solutions like OpenBSD are best able to provide the high
levels of security our clients require -- closed-source software
almost never receives the level of code review that OpenBSD is
Network Security Technologies, Inc.
This network and computer security firm uses OpenBSD for high speed
intrusion detection, virtual private networking, and data warehousing
applications. Network Security Technologies, Inc is located in the
Washington DC metro area, and uses OpenBSD at several undisclosed
military and government agency locations.
This vendor produces an OpenBSD derived, IEEE POSIX real time extended
system solution. RTMX fully re-implemented previously developed
in-house IEEE POSIX realtime extensions using OpenBSD as a root source
tree. Nearly all of the IEEE POSIX extensions have been
added. Currently all OpenBSD features are supported, but only on the
m68k, MIPS and PowerPC cpu types. Pentium and Alpha cpu versions are
to be released soon. RTMX Inc. is also a licensed OSF Motif house, and
has ported Motif 1.2.3 to most of the supported platforms.
SoftQuad Software Inc.
This maker of HTML and XML editing software uses OpenBSD for their
gateway/firewall and FTP services.
Xtime's core technology is the Time Inventory Management Engine, or
TIMEngine . This technology brings the benefits of e-commerce to
service merchants everywhere, making their time-based inventory available
via the web or phone, and delivering powerful new customer relationship
management capabilities. Xtime leverages the power of OpenBSD for 75%
of their mission-critical network infrastructure, which includes Mail
servers, DNS servers, several VPN/Firewalls, secure logging hosts,
monitoring/IDS and production web servers. OpenBSD is the de-facto OS
used by the Xtime network operations department, boasting a 100% usage
rate amongst the department for desktop workstations.
One goal of any ISP is to keep their customers' sites and accounts safe
from intrusion. OpenBSD's security record speaks for itself, so many
ISPs use OpenBSD for this reason alone. However, others use OpenBSD for
many, if not most, of their services.
BS Web Services
BS Web Services, a german ISP, is using OpenBSD servers for primary and
secondary DNS (djbdns), primary Web hosting (Apache) and
primary mail services (qmail-ldap). They also run mission critical
LDAP Authentification Backend on OpenBSD (OpenLDAP), as well as MySQL databases.
Hostmaster Henning Brauer writes:
"OpenBSD needed some tuning on these machines, especially bigger maxprocs
and maxfiles, but it handles extraordinary loads on ordinary hardware. We are
using AMD Athlons (mostly the new Thunderbirds) and AMD K6-III's. We also have
some internal machines running OpenBSD as testbeds and printservers and all
sorts of other purposes. We plan to move some more machines to OpenBSD,
especially our firewalls. Unfortunately we are still running some closed
source software, but we'd like to try the Linux emulation. OpenBSD's
behaviour under high load, especially under DoS attacks, just doesn't
compare to the Linux we used before - Linux went extremely slow, while
OpenBSD doesn't even care (same hardware!)".
Calyx Internet Access Corp.
This company uses OpenBSD for running all mission-critical services
including WWW, FTP, email, VPN traffic, and network monitoring at its
data centers in New York, Los Angeles, and Amsterdam. Even larger web
sites such as
tanqueray.com and others are no
challenge for OpenBSD.
This internet service provider is running almost completely on
a mixture of OpenBSD/sparc and OpenBSD/i386. Our Web Servers(2), Mail
Server, Primary and Secondary DNS, and Radius servers all are running
OpenBSD/sparc and our shell server and several co-located servers are
Elixor Networks Inc.
Elixor Networks uses OpenBSD on AMD hardware to provide shell accounts,
website hosting, and domain name hosting.
An ISP in Bend, Oregon, uses OpenBSD on AMD, Intel, and Sun based hardware,
for routing, firewalling, IPSec/VPN, bandwidth
limiting, web hosting, database servers, network monitoring, intrusion
detection, mail servers, backup servers, cache servers, and workstations.
One of their OpenBSD routers handles traffic on between a T3 and eight fast
ethernet ports, also with several 802.1Q VLANs to separate networks for
co-location customers and business park tenants.
This ISP uses OpenBSD to run their free shell server, as well as other
systems. The shell server, a single AMD K6/233, handles well over
10,000 users. "We tried OpenBSD after having constant security
problems with other operating systems", says Hobbiton's Leif
Pedersen. "Since then, security in the operating system has not been a
problem and, as an added bonus, the systems have been more stable."
In the Headwaters region of Ontario, Canada, Hurontario.net uses OpenBSD
on several of their own and their customers' machines.
IOActive provides WWW developers and hackers with a place to tinker on test
servers. The Seattle, WA, service provider also installs OpenBSD firewall,
VPN and IDS systems for regional businesses. "OpenBSD is fast, reliable, and I
sleep a little better at night knowing I'm using it," says owner Josh Pennell.
"The other thing I love about it is over half of the work is done to secure
the box right after installation, saving my company copious amounts of time.
OpenBSD in my mind is the defacto standard for open source secure operating
systems. Everyone else is just trying to catch up".
Poppe Tyson Europe
is using OpenBSD as a primary DNS, mailserver for
100+ mailboxes, and as their Website Development server for over 50
qpalzm services runs OpenBSD to offer web hosting and shell accounts. The
website offers daily updates on programming, gaming, irc, and other
technobabble. An online MUD is also available. There is also a
and DHTML. Incidently, qpalzm.com's busy WWW, FTP and mail server runs
just fine with OpenBSD on a 200MHz Pentium Pro.
RTMX Networking Services
This North Carolina ISP is using OpenBSD on multiple servers for Web,
DNS and over 1000 e-mail users in their community just West of
Research Triangle. There is a mix of AMD K-6, MicroSPARC-II and
PowerPC systems in use, with more customer sub-net servers coming
on-line. RTMX.NET mirrors the OpenBSD
and ftp sites,
and also provides an anonymous CVS repository
(CVSROOTfirstname.lastname@example.org:/cvs), all thanks to 47GB of
disk space and a dedicated T1 connection.
This ISP in Sweden uses OpenBSD for Web, DNS and mail servers.
This Virginia ISP uses OpenBSD on all of its servers, including primary and
secondary radius, primary and secondary DNS, mail, network monitoring, and
several firewalls. They also sell OpenBSD based routers and firewalls to
their business DSL customers.
$OpenBSD: users.html,v 1.61 2000/12/14 04:26:46 louis Exp $