Secure, user-friendly Linux OS targets businesses

Guardian Digital has claimed that its Linux operating system for businesses is easier to use and more secure than other competing...

Guardian Digital has claimed that its Linux operating system for businesses is easier to use and more secure than other competing products.

The product, EnGarde Secure Linux Professional, which was launched on Tuesday, is a Linux server operating system that features Web-based tools to assist administrators in configuring access control, issue SSL certificates, and perform SSH key management. It costs $549 (£352).

Guardian Digital believes it has addressed a pressing need among businesses that rely on Linux: how to better secure corporate environments without being overwhelmed by the complexity of Linux administration.

"You couldn't expect the average Linux administrator to have the level of understanding to keep their server secure and also run his or her business. Instead, [Guardian] took on the responsibility of keeping the environment secure," said Guardian Ditigal chief executive officer Dave Wreski.

EnGarde consolidates management functions in a graphical Web interface called the Guardian Web Tool that administrators can use to manage Domain Name System, e-mail, and database services, as well as security features such as public keys, Secure Sockets Layer and Secure Shell certificates.

The OS also jettisons elements of traditional Linux versions that were a frequent source of security vulnerabilities. For example, the company does not distribute SNMP (Simple Network Management Protocol) with EnGarde, opting for its own management protocol, and does not distribute a Telnet client with EnGarde because of its frequent role as a vehicle for carrying out attacks on remote systems. However, EnGarde supports SNMP.

At the same time, Guardian has cherry-picked some of the more promising and secure Linux code for its product.

Openwall, an open-source patch available to any Linux developer, prevents some forms of buffer overflows and has modifications that prevent certain kinds of common Linux attacks and information leaks. EnGarde implements the Linux Intrusion Detection System (LIDS) to provide mandatory access control that prevents users from assuming administrator-level permissions.

"Most of the off-the-shelf Linux distributions bundle all the tools and don't think about the needs of the organisation," said Wreski.

"[EngGarde] is engineered to solve a particular problem: organisations that are concerned about security but don't have the internal IT staff to manage it, or that would rather focus their energies on core competencies rather than Linux administration," he added.

Read more on PC hardware