Expanding and Sustaining our Investments in NetBox: How We’re Approaching Licensing for Some NetBox Add-ons

From the outset, our mission at NetBox Labs has been to make it easier to build and manage complex networks. We have invested heavily in line with that mission in both the NetBox Community edition and – for those who need enterprise-grade features, cloud managed instances and expert commercial support – in commercial offerings such as NetBox Cloud and NetBox Enterprise. Over the course of the past 15 months we have accelerated our investment to deliver more even faster, and thousands of customers have already deployed NetBox Cloud.

From interactions with our community, prospects, and customers, we know that the majority of NetBox adopters want reassurance that there is a stable, growing business with a solid financial foundation backing the open source project. Otherwise, they risk adopting a wayward project with no path to sustainable growth, and that is simply too much risk for any organization to accept for such a critical part of their network automation stack.

Reinvesting in the Community

A core tenet of our strategy is to fund our investment in the community by growing our business – what we often refer to as the virtuous circle of reinvestment. Part of that investment in the community means choosing to make functionality that we invest in available for free use by the community – even in commercial environments. To make that investment sustainable, though, we also need to protect key investments from being leveraged by competitors for commercial gain, which damages our ability to invest. This isn’t just hypothetical – it’s a real problem that has played out across the industry in the past, and has already directly impacted NetBox. 

So, we now find ourselves facing the same challenge that other commercial stewards of open source projects have grappled with over the years: how do we continue to invest in our community and make more software freely available, while also succeeding as a business that supports enterprise companies who depend on us? While there’s no perfect solution to this tricky equation, we believe we have found the best answer – and it’s based on the flexibility of NetBox’s modular and extensible design.

Protecting Our Investments Against Exploitation

Apache 2.0 is and will remain our license of choice for the core NetBox application along with tons of plugins, SDKs, and other open source software that we maintain. Certain new NetBox Labs maintained add-ons – like Diode which we just released in Public Preview – will be made available under the Polyform Shield license. This license offers a middle ground approach that makes these add-ons available with source code for use, modification, and distribution in all ways – including in commercial environments – except in use cases that compete with NetBox Labs. This strategy is also known as “source available” licensing and for almost all community users (including businesses), there is very little practical difference from the existing permissive licensing. This decision is aligned with the open core model that we and other commercial open source software companies have adopted. 

The approach we’ve taken is one that we believe strikes the right balance: keeping the NetBox core application and other tools like SDKs licensed permissively with a traditional, OSI-compliant license, while preventing competitive exploitation of certain add-on work that represents significant investment by NetBox Labs. It enables us to sustain our investments and continue to expand NetBox’s functionality and ecosystem. 

The future of NetBox is bright and we look forward to continuing to support its thriving community and our customers in years to come.

Q&A

This public FAQ aims to address some of the questions our community may have about the approach shared in this blog post.

Will the core NetBox software continue to be released under the Apache 2.0 license?

Yes, the core NetBox software will continue to be released under the Apache 2.0 license. The decision to use the Polyform Shield license applies only to certain new add-ons, not the core application.

How will this approach to licensing impact the NetBox community and its contributors?

This approach is intended to protect the long-term interests of the NetBox community and its contributors by allowing us to retain the permissive Apache 2.0 license for the core project and also allowing us to make the source code available for certain professionally developed add-ons under the Polyform Shield License. 

Will NetBox Labs continue to be an open source company?

NetBox Labs is 100% committed to the open source community. This approach does not introduce any changes to licensing of the core NetBox project. We took this approach intentionally to maximize the availability of new functionality and source code that the community may want to use, rather than holding back high-value functionality for commercial, paid use only. This approach enables us to contribute more functionality to the community for open use, not less.

How will NetBox Labs decide which add-ons will be distributed under the Polyform Shield license?

In general, the design philosophy of NetBox is to keep NetBox’s core lean, enabling the delivery of rich functionality through a robust plugin and integration ecosystem. We’ll apply the Polyform Shield license only to new, professionally developed functionality outside of NetBox’s core that represents substantial investment by NetBox Labs. We are committed to maintaining and evolving that functionality.

What is the Polyform Shield license?

The Polyform Shield license is a type of “source available” license that allows for use, modification, and distribution in all ways – including in commercial environments – except in use cases that compete with NetBox Labs. Our use of this license aims to make the functionality and source code of certain add-ons freely available to the community while preventing competitive exploitation and protecting the investments made by NetBox Labs.

Why is NetBox releasing certain new add-ons under the Polyform Shield license instead of the Apache 2.0 license?

We chose to release certain new add-ons under the Polyform Shield license to provide protections against competitive exploitation that the Apache 2.0 license does not address. This decision allows us to safeguard our ability to continue investing in this functionality while still enabling broad usage by the community.

Can I use add-ons released under the Polyform Shield license for commercial purposes (for example, at my company)?

Yes, you can use add-ons released under the Polyform Shield license for commercial purposes that do not compete with NetBox Labs. You are not required to notify us or purchase any NetBox Labs product. See the license for its exact language.

My company uses NetBox as part of a larger, value-added product offering. Can we use the add-ons released under the Polyform Shield license in this offering as well?

Yes, as long as your offering does not compete with any NetBox Labs products or service offerings. 

I am a current NetBox user and would like to use additional add-ons released by NetBox Labs. I use NetBox at my company for commercial purposes. How will this licensing approach affect me?

If you are using NetBox and want to use additional add-ons that we make available under the Polyform Shield license, you are free to do so unless you are deploying these add-ons in a product that competes with NetBox Labs. It really is that simple.

Does NetBox Labs release any add-ons, functionality or services under a commercial only license?

Yes – this is how we generate revenue and feed our virtuous circle of reinvestment. Commercial only features are generally reserved for advanced or enterprise use cases. Licensing some add-ons under Polyform Shield gives us the ability to make select functionality freely available to the community which would otherwise be commercial only.

Will the NetBox core project accept PRs for features that compete with those distributed under the Polyform Shield license?

Generally, in line with the NetBox design philosophy, it will not make sense for add-ons released as external modules under the Polyform Shield license to be incorporated directly into the NetBox core. (If it did, we’d release those features there instead.) Anyone is welcome to create new NetBox plugins or other integrated services and release them under the license of their choice as long as they are independently created, or meet the conditions of the Polyform Shield license (if derived from a NetBox Labs add-on with that license).

How does the Polyform Shield license affect my ability to modify and distribute the add-ons?

Under the Polyform Shield license, you are allowed to modify and distribute the code, but you must comply with the specific terms and conditions outlined in the license. These terms include common open source notice and attribution requirements and the non-compete condition.

How does the Polyform Shield license compare to the Apache 2 license at a glance?

Apache 2Polyform Shield
Download and use for free, anonymously
Use and modify in a commercial environment
Inspect and audit source code
Fork and modify source code
Contribute to the upstream project
Redistribute your modifications
Keep modifications private, without contributing back upstream
Develop or distribute competing products

Can I use these add-ons in a product that competes with a NetBox Labs product or service but give it away for free?

No. You cannot use the source code in an offering that competes with NetBox Labs, even if the offering is provided free of charge.

My company has a policy against using code with a non-commercial restriction. What should I do?

The Polyform Shield License does not contain a “non-commercial” license restriction. You are allowed to use add-ons licensed under Polyform Shield for commercial purposes. The Polyform Shield license excludes only one narrow use case, which is using the add-on in an offering that competes with NetBox Labs. 

Why did you choose Polyform Shield rather than a more widely recognized license like AGPL or BSL?

We considered many options, but both of these and other options either restrict community use in some way (for example, BSL disallows all production use) or do not provide protection against competitive use in an unmodified form (AGPL permits unmodified SaaS use). Also, Polyform Shield, unlike AGPL, does not require users to share their own modifications. Users can contribute upstream changes or improvements to us, if they choose to do so but are not required to. We chose Polyform Shield to support the broadest set of community use cases, and most importantly, to provide access to professionally developed and maintained add-ons, including source code.

Where can I find more information about the Polyform Shield license?

You can find more information about the Polyform Shield license on the official Polyform Project website, which provides detailed documentation and explanations of the terms and conditions.

This FAQ aims to address common questions about the new licensing terms for certain NetBox modules. If you have additional inquiries, please don’t hesitate to contact us at product@netboxlabs.com.

Share the Post:

Related Posts