EnGarde Secure Linux is a Linux distribution developed by Guardian Digital - an open source Internet security company, and is designed with security in mind. Built from grounds-up, this product has been in development since 1999. EnGarde Secure Linux highlights its "Secure by default" tag as the one reason that it should be favored to be used as a Linux server. The developers have considerably reduced its size to include server-only applications and the whole administration of the server from the rebooting to its shutting down as well as configuring and maintaining web servers, database servers and so on can be done remotely from the confines of a web interface.
Guardian Digital has split EnGarde Secure Linux into three branches. Them being
- The Unstable branch which contain bleeding edge packages and is open only to developers.
- The community branch which is provided for free and is supported by the open source community. And lastly...
- The professional branch which is officially supported by Guardian Digital. And which needs to be bought.
The main difference between the community branch and the professional branch apart from the fact that one is free and the other is paid version is that Professional branch is much better tested and documented and can avail of the official support of Guardian Digital. Compared to that, the community branch will have to rely on the mailing list for support.
Features of EnGarde Secure Linux are many and are as follows (as quoted from their website) :
- Linux 2.6 kernel for the latest hardware compatibility
- SELinux Mandatory Access Control provides high security by strictly enforcing service separation at the kernel level
- Guardian Digital Secure Network features free access to all system and security updates and allows for quick and easy updating of the entire server
- Broad support for server hardware, including 64-bit AMD architecture and hardware RAID
- Web-based management of all functions, including the ability to build a complete web presence with FTP, DNS, HTTP, SMTP and more
- Secure up-to-date LAMP stack serves virtual websites with Apache v2.0, MySQL 5.0, and PHP 4.4 (PHP 5.0 available as an optional package)
- Latest BIND 9.3 provides secure DNS services
- Completely new WebTool, featuring easier navigation and greater ability to manage the complete system via a secure web browser connection
- RSS feed provides ability to display current news and immediate access to system and security updates
- Integrated firewall with ability to manage individual firewall rules, control port forwarding, and creation of IP blacklists
- Commercial grade Network Intrusion Detection System displays and graphs incoming attacks in real time
- Built-in Host IDS monitors system files for unauthorized changes to ensure system integrity
- Built-in UPS configuration provides ability to manage an entire network of battery-backup devices
- Real-time access to system and service log information
Ryan Berens who is an open source advocate at Guardian Digital tells me that EnGarde Secure Linux is a fully functional platform distribution that focuses on integrated security and ease of management. EnGarde Secure Linux has also been released by Guardian Digital as a Live CD so that it can be taken for a test drive without installing on ones machine.
