Penny wise and pound foolish. (Score 1)

Ultimately, it's a question of paying in dollars or paying in other resources, such as admin time.

Instead of paying Red Hat to spend their time supporting their OS, he's going to be paying his own folks to provide that support. There will be no guarantees about how quickly vulnerabilities are addressed, no guarantees on when his systems will receive updates regardless of severity. His admins will be dedicating time to supporting the OS that they could otherwise be spending building *on top of* that base OS.

Free may save him some dollars in the short run, but as someone who's done sysadmin and ops work for the last decade, I can say with certainty that he *will* be paying those exact same dollars (or more) over the long run. Maybe he's okay spending dollars out of operating expenses rather than capital expense, but one way or another, those dollars will be spent. The main question he should be answer is how much value he's really receiving for those dollars.

In my opinion, he should spend the money on RH entitlements and let his sysadmins work on projects that aren't simply reinventing the same wheel.

This also doesn't get into any of the value-add stuff that the RHN or RH Satellite provides, such as easing and speeding up the audit process for SOX and PCI audits.