EnGarde Secure Linux
Encyclopedia
EnGarde Secure Linux is an open source
server-only Linux distribution
developed by Guardian Digital. EnGarde incorporates open source tools such as Postfix
, BIND
, and the LAMP stack
.
The platform includes services for web hosting, DNS and email, and others. Since 2005, SELinux has been incorporated into the platform by default. Other security services are included by default as well, such as intrusion detection, anti-virus, network management and auditing and reporting tools.
Users can configure the services through the command line, or remotely manage them through WebTool, the platform's browser-based interface.
. Within less than a year of development, much of that was re-engineered. Since then EnGarde has been treated as its own platform, as it maintains its own package repository based on RPM, among other changes.
Additionally, many desktop functions were not included. For example, EnGarde Secure Linux does not include the X Window System
. Traditionally, this practice is called hardening. According to the company, the platform has been engineered to maintain this focus on security for server functions.
Because there is no X Window System and EnGarde is configured via a graphical interface, it is recommended to configure the operating system using a second computer. The interface, accessible through a web browser, is one of the remarkable features of EnGarde Secure Linux. Linux.com reviewed the platform in November 2005, where WebTool was described as innovative and well-designed and lets you get productive quickly. A recent review on PolishLinux.org gave it a positive review, but argued it could have included more popular modules and packages.
Some of the early design parameters included SELinux functionality, 64-bit support, interfaces for network intrusion detection, as well as translations for both Spanish and Italian. Other versions of EnGarde are currently being translated into other languages.
Other changes include a point-and-click GUI for using SELinux, automatic hardware inventory generation and a new WebTool API guide for community modules. Changes to the IDS with an Ajax interface and a real-time WebTool support tool are also some changes.
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
server-only Linux distribution
Linux distribution
A Linux distribution is a member of the family of Unix-like operating systems built on top of the Linux kernel. Such distributions are operating systems including a large collection of software applications such as word processors, spreadsheets, media players, and database applications...
developed by Guardian Digital. EnGarde incorporates open source tools such as Postfix
Postfix (software)
In computing, Postfix is a free and open-source mail transfer agent that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA....
, BIND
BIND
BIND , or named , is the most widely used DNS software on the Internet.On Unix-like operating systems it is the de facto standard.Originally written by four graduate students at the Computer Systems Research Group at the University of California, Berkeley , the name originates as an acronym from...
, and the LAMP stack
LAMP (software bundle)
LAMP is an acronym for a solution stack of free, open source software, referring to the first letters of Linux , Apache HTTP Server, MySQL and PHP , principal components to build a viable general purpose web server.The GNU project is advocating people to use the term "GLAMP" since what is known as...
.
The platform includes services for web hosting, DNS and email, and others. Since 2005, SELinux has been incorporated into the platform by default. Other security services are included by default as well, such as intrusion detection, anti-virus, network management and auditing and reporting tools.
Users can configure the services through the command line, or remotely manage them through WebTool, the platform's browser-based interface.
Overview of history and development
Since its inception in 2001, the platform has been developed as an OS that incorporates only server functionality while focusing on security as the priority. Originally, the platform loosely drew on some of the code from early versions of Red Hat LinuxRed Hat Linux
Red Hat Linux, assembled by the company Red Hat, was a popular Linux based operating system until its discontinuation in 2004.Red Hat Linux 1.0 was released on November 3, 1994...
. Within less than a year of development, much of that was re-engineered. Since then EnGarde has been treated as its own platform, as it maintains its own package repository based on RPM, among other changes.
Additionally, many desktop functions were not included. For example, EnGarde Secure Linux does not include the X Window System
X Window System
The X window system is a computer software system and network protocol that provides a basis for graphical user interfaces and rich input device capability for networked computers...
. Traditionally, this practice is called hardening. According to the company, the platform has been engineered to maintain this focus on security for server functions.
Specific focus
EnGarde Secure Linux was one of the earliest distributions to include SELinux for complete server implementations, and was one of the very first Linux server platforms designed solely for security.Because there is no X Window System and EnGarde is configured via a graphical interface, it is recommended to configure the operating system using a second computer. The interface, accessible through a web browser, is one of the remarkable features of EnGarde Secure Linux. Linux.com reviewed the platform in November 2005, where WebTool was described as innovative and well-designed and lets you get productive quickly. A recent review on PolishLinux.org gave it a positive review, but argued it could have included more popular modules and packages.
EnGarde Secure Linux branches
There are two branches of EnGarde Secure Linux: Community and Professional.- Community Version
-
- This branch, also known as EnGarde Secure Community or EnGarde Secure Linux Community Edition, is the free downloadable version of EnGarde Secure Linux distributed by Guardian Digital, Inc. This distribution is not "officially" supported but Guardian Digital supports the users via the engarde-users mailing list and online forum.
- Professional Version
-
- This branch, also known as EnGarde Secure Professional or EnGarde Secure Linux Professional Edition, is the version of EnGarde Secure Linux sold and officially supported by Guardian Digital, Inc.
Development cycle
Guardian Digital is currently releasing platform updates and upgrades about once every thirty to sixty days. Updates for current users are downloaded through GDSN (Guardian Digital Secure Network): a support system intended to provide customers with software updates, version upgrades, and comprehensive technical support. GSDN is designed to connect EnGarde Secure Linux users to expert security and application engineers.Release history and developments
Guardian Digital publishes a detailed history on their website. There have been twenty one releases since September 2005.Some of the early design parameters included SELinux functionality, 64-bit support, interfaces for network intrusion detection, as well as translations for both Spanish and Italian. Other versions of EnGarde are currently being translated into other languages.
Other changes include a point-and-click GUI for using SELinux, automatic hardware inventory generation and a new WebTool API guide for community modules. Changes to the IDS with an Ajax interface and a real-time WebTool support tool are also some changes.