Is Firefox Ready for Prime Time in the Enterprise?

Ask network manager Tom Gonzales about Firefox, an open-source browserdeveloped by the Mozilla Foundation, and he openly gushes about itsmyriad benefits.

Gonzales says he swears by Firefox at home, in the office and for most ofhis IT team. But ask him if he intends to roll it out to his users, andhe emphatically says ''no''.

Gonzales, senior network administrator at Colorado State Employees CreditUnion in Denver, Colo. is not convinced that Firefox is ready to displaceMicrosoft Internet Explorer in the enterprise.

''I use it heavily. I loved it immediately,'' he says. ''But it takes alittle more skill to use Firefox -- a little more knowledge totroubleshoot.''

Gonzales says there would be a learning curve for his 170 users and morethan 70,000 credit union members to get used to Firefox's features andextensions like tabbed pages, integrated Internet search tools andintegrated RSS feeds. ''It's not that tough, but it's hard to pushsomething new on someone when it's not their primary job. My users haveto be able to do their work and if I make it hard for them [by using adifferent browser], that's not good.''

Gonzales says Firefox would create help-desk headaches as many Web sitesare coded specifically for Internet Explorer.

''The primary reason that Firefox is not ready for prime time yet is thatpeople aren't preparing their Web sites for it,'' he says. Proprietaryfeatures like Microsoft's ActiveX controls don't work with Firefox,causing viewing problems.

Brian Schwartz, technology specialist at CDW Corp. in Vernon Hills, Ill.,says Gonzales is not alone in his hesitancy to adopt Firefox.

''We've asked IT managers what their biggest concerns are and quitespecifically they say they have too many number one priorities from[their executives],'' he says. ''IT managers want other people to prove[Firefox's] worth first. They prize stability and performance, and theirusers have very little patience to test out new things.''

He adds that IT managers are too busy to test the impact of Firefox ontheir networks and applications. ''If there is any question about whetherFirefox could impact application performance, it's probably not going tomake the list of items a large-scale IT organization would evaluate.''

The key, he says, is for Mozilla to show that Firefox offers somethingthat Internet Explorer doesn't. ''IT managers aren't looking to adopt newstuff if they don't have to,'' he says.

Jim Linn agrees. As IT director at the American Gas Association inWashington, D.C., Linn says he does not intend to roll out Firefox.

''Our standard has been Internet Explorer for better or worse,'' he says.''Although recent vulnerabilities have brought [Internet Explorer] intoquestion, we are staying the course.''

Linn says it's important for IT groups to choose a path.

''We see the need to stay standardized -- particularly on Microsoftsoftware. It all fits together neatly and works together well. Even formy personal use and my technicians, I am running Internet Explorer.''

An Uphill Battle

When Firefox debuted last year, proponents of the browser touted itssecurity compared to the vulnerability-laden Internet Explorer. But overthe past few weeks, scrutiny has picked up about Firefox's own security issues.

Security experts warn Firefox may be vulnerable to spyware. But theseproblems are still not as worrisome to IT managers as those found in IE.

''Firefox has the advantage that it is not MicrosoftWindows-integrated,'' says Joel Snyder, security expert and seniorpartner at Opus One, a consultancy in Tucson, Ariz. ''Therefore, all the'wonderful' hooks into Windows that Microsoft put into Internet Explorer,which are ripe for exploitation, are missing.''

But Firefox is not bulletproof, he adds. ''This is not to suggest thereare no security vulnerabilities in Firefox, but they will not be soeasily exploited to gain control over the operating system.''

Even so, Firefox still faces an uphill battle.

''The challenge for a company making the move to Firefox might be anystuff that is hard-wired to work only in Internet Explorer,'' says ThomasPowell, founder of Web development firm PINT in San Diego. ''For example,some enterprise content management software, portals, etc. are onlywritten to support Internet Explorer.''

''The reality of Web-based applications is that most are poorly coded andbarely work on one browser, much less three or four different browsers,''Snyder says. ''So people are most likely to code for Internet Explorerbecause that has the largest market share.''

Striking a Balance

Some IT managers say they don't have to choose.

Joanne Kossuth, CIO at Franklin W. Olin College of Engineering inNeedham, Mass., says with a little bit of preparation, IT groups canoffer their users both browsers.

''Supporting Firefox is not any more difficult than supporting InternetExplorer,'' Kossuth says.

Her IT group offers a dual-operating system laptop program that allowsstudents to switch between Linux and Microsoft Windows, and to downloadthe browsers they want to run with each. More than 50 percent of thestudents have downloaded Firefox since it began being offered last year,she says. In fact, it was her student advisory group that recommendedFirefox.

''The students drove the path to Firefox. Internet Explorer hadvulnerabilities out there and after doing some research, we found noreason not to support Firefox,'' she adds.

But Kossuth warns IT groups to be prepared. While Internet Exploreroffers automatic security updates, Firefox requires manual patching.''You need to have communications with your users in place for this.Educate your users about patching and security issues.''

She also recommends tracking versions of Firefox and its specifications.''If you are using Linux, you have to make sure you've got the rightkernel. Match the specs to the operating system.''

It's important to understand what users want to do with their browsers,she says. ''Get input -- a survey would be a good way to do that. Askthem what they like about their browser and what they don't.''

To avoid the help desk headaches that Gonzales fears, Kossuth advocatestraining users how to use Firefox and how to solve problems they mightencounter.

Kossuth also says IT managers should not try to limit user choice.

''Web browsing is a personal experience. Some people like tabbedbrowsing, some don't. Some will want to block pop-ups, some won't. You'regoing to have a hard time prescribing just one browser,'' she says.