Guardian Digital has released a Linux operating system for businesses that it claims is easier to use and more secure than other competing products.
The product, EnGarde Secure Linux Professional, is a Linux server operating system that features Web-based tools to assist administrators in configuring access control, issue SSL certificates, and perform SSH key management. EnGarde Secure Linux Professional, which was announced Tuesday by the Allendale, New Jersey-based company, retails for $549. It is available now.
The release by Guardian Digital addresses a pressing need among small and large businesses that rely on the Linux operating system: how to better secure corporate environments without being overwhelmed by the complexity of Linux administration.
"Our entire goal was to abstract the process of security because it was so difficult, you couldn't expect the average Linux administrator to have the level of understanding to keep their server secure and also run his or her business. Instead, (Guardian) took on the responsibility of keeping the environment secure," said Guardian Ditigal CEO Dave Wreski.
EnGarde consolidates management functions in a graphical Web interface called the "Guardian Web Tool" that administrators can use to manage DNS (Domain Name System), e-mail, and database services, in addition to security features such as public keys, SSL (Secure Sockets Layer) and SSH (Secure Shell) certificates.
In addition, EnGarde jettisons elements of traditional Linux versions that were a frequent source of security vulnerabilities. For example, the company does not distribute SNMP (Simple Network Management Protocol) with EnGarde, opting for its own management protocol and does not distribute a Telnet client with EnGarde because of its frequent role as a vehicle for carrying out attacks on remote systems. However, EnGarde supports SNMP, according to Wreski.
At the same time, Guardian has cherry picked some of the more promising and secure Linux code for its product.
Openwall, an open source patch available to any Linux developer, prevents some forms of buffer overflows and has modifications that prevents certain kinds of common Linux attacks and information leaks. In addition, EnGarde implements the Linux Intrusion Detection System (LIDS) to provide mandatory access control that prevents users from assuming administrator-level permissions.
Wreski sees his company's product as one that stays true to the open source roots of Linux, while eliminating some of the chaos that has resulted from it.
"Most of the off-the-shelf Linux distributions bundle all the tools and don't think about the needs of the organization," said Wreski.
"(EngGarde) is engineered to solve a particular problem: organizations that are concerned about security but don't have the internal IT staff to manage it, or that would rather focus their energies on core competencies rather than Linux administration."