EnGarde Secure Linux

Last updated
EnGarde Secure Linux
Engarde Logo.png
Developer Guardian Digital, Inc
OS family Linux (Unix-like)
Initial release?
Latest release 3.0.22 / December 2008
Platforms i686, x86-64 with 512 MB RAM
Official website http://www.engardelinux.org/

EnGarde Secure Linux was an open source server-only Linux distribution developed by Guardian Digital. EnGarde incorporates open source tools such as Postfix, BIND, and the LAMP stack.

Contents

The platform includes services for web hosting, DNS and email, and others. Since 2005, SELinux has been incorporated into the platform by default. [1] Other security services are included by default as well, such as intrusion detection, anti-virus, network management and auditing and reporting tools.

Users can configure the services through the command line, or remotely manage them through WebTool, the platform's browser-based interface.

Overview of history and development

Since its inception in 2001, [2] the platform has been developed as an OS that incorporates only server functionality while focusing on security as the priority. Originally, the platform loosely drew on some of the code from early versions of Red Hat Linux. [3] Within less than a year of development, much of that was re-engineered. Since then EnGarde has been treated as its own platform, as it maintains its own package repository based on RPM, among other changes.[ citation needed ]

Additionally, many desktop functions were not included. For example, EnGarde Secure Linux does not include the X Window System. Traditionally, this practice is called hardening. According to the company, the platform has been engineered to maintain this focus on security for server functions. [4]

Specific focus

EnGarde Secure Linux was one of the earliest distributions to include SELinux for complete server implementations, and was one of the first Linux server platforms designed solely for security.[ citation needed ]

Because there is no X Window System and EnGarde is configured via a graphical interface, it is recommended to configure the operating system using a second computer. The interface, accessible through a web browser, is one of the remarkable features of EnGarde Secure Linux.[ citation needed ] Linux.com reviewed the platform in November 2005, where WebTool was described as innovative and well-designed and lets you get productive quickly. [5] A recent review on PolishLinux.org gave it a positive review, but argued it could have included more popular modules and packages. [6]

EnGarde Secure Linux branches

There are two branches of EnGarde Secure Linux: Community and Professional.

  • Community Version
This branch, also known as EnGarde Secure Community or EnGarde Secure Linux Community Edition, is the free downloadable version of EnGarde Secure Linux distributed by Guardian Digital, Inc. This distribution is not "officially" supported but Guardian Digital supports the users via the engarde-users mailing list and online forum.
  • Professional Version
This branch, also known as EnGarde Secure Professional or EnGarde Secure Linux Professional Edition, is the version of EnGarde Secure Linux sold and officially supported by Guardian Digital, Inc.

Development cycle

Guardian Digital is currently releasing platform updates and upgrades about once every thirty to sixty days. Updates for current users are downloaded through GDSN (Guardian Digital Secure Network): a support system intended to provide customers with software updates, version upgrades, and comprehensive technical support. GSDN is designed to connect EnGarde Secure Linux users to expert security and application engineers.[ citation needed ]

Release history and developments

Guardian Digital publishes a detailed history on their website. [7] There have been twenty one releases since September 2005.

Some of the early design parameters included SELinux functionality, 64-bit support, interfaces for network intrusion detection, as well as translations for both Spanish and Italian. Other versions of EnGarde are currently being translated into other languages.

Other changes include a point-and-click GUI for using SELinux, automatic hardware inventory generation and a new WebTool API guide for community modules. Changes to the IDS with an Ajax interface and a real-time WebTool support tool are also some changes. [8]

Related Research Articles

<span class="mw-page-title-main">Linux distribution</span> Operating system based on the Linux kernel

A Linux distribution is an operating system made from a software collection that includes the Linux kernel, and often a package management system. Linux users usually obtain their operating system by downloading one of the Linux distributions, which are available for a wide variety of systems ranging from embedded devices and personal computers to powerful supercomputers.

<span class="mw-page-title-main">Security-Enhanced Linux</span> Linux kernel security module

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).

<span class="mw-page-title-main">Security-focused operating system</span> Operating systems, that are focused on anonymous, privacy and security.

This is a list of operating systems specifically focused on security. Operating systems for general-purpose usage may be secure without having a specific focus on security.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

<span class="mw-page-title-main">UEFI</span> Operating system and firmware specification

UEFI is a set of specifications written by the UEFI Forum. They define the architecture of the platform firmware used for booting and its interface for interaction with the operating system. Examples of firmware that implement these specifications are AMI Aptio, Phoenix SecureCore Tiano, TianoCore EDK II and InsydeH2O.

<span class="mw-page-title-main">OTRS</span> Service management software

OTRS is a service management suite. The suite contains an agent portal, admin dashboard and customer portal. In the agent portal, teams process tickets and requests from customers. There are various ways in which this information, as well as customer and related data can be viewed. As the name implies, the admin dashboard allows system administrators to manage the system: Options are many, but include roles and groups, process automation, channel integration, and CMDB/database options. The third component, the customer portal, is much like a customizable webpage where information can be shared with customers and requests can be tracked on the customer side.

Smoothwall is a Linux distribution designed to be used as an open source firewall. Smoothwall is configured via a web-based GUI and requires little or no knowledge of Linux to install or use.

<span class="mw-page-title-main">LAMP (software bundle)</span> Acronym for a common web hosting solution

LAMP is an acronym denoting one of the most common software stacks for many of the web's most popular applications. However, LAMP now refers to a generic software stack model and its components are largely interchangeable.

openSUSE Community-supported Linux distribution

openSUSE is a free and open source RPM-based Linux distribution developed by the openSUSE project.

Nitix was a retail Linux distribution, produced in Canada. The software is developed by Net Integration Technologies, Inc., which has been acquired by IBM as of January 2008 and currently operates as IBM Lotus Foundations.

<span class="mw-page-title-main">AppArmor</span> Linux kernel security module

AppArmor is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It has been partially included in the mainline Linux kernel since version 2.6.36 and its development has been supported by Canonical since 2009.

Linux Security Modules (LSM) is a framework allowing the Linux kernel to support without bias a variety of computer security models. LSM is licensed under the terms of the GNU General Public License and is a standard part of the Linux kernel since Linux 2.6. AppArmor, SELinux, Smack, and TOMOYO Linux are the currently approved security modules in the official kernel.

SUSE Linux is a computer operating system developed by SUSE. It is built on top of the free and open source Linux kernel and is distributed with system and application software from other open source projects. SUSE Linux is of German origin, its name being an acronym of "Software und System-Entwicklung", and it was mainly developed in Europe. The first version appeared in early 1994, making SUSE one of the oldest existing commercial distributions. It is known for its YaST configuration tool.

A home server is a computing server located in a private computing residence providing services to other devices inside or outside the household through a home network or the Internet. Such services may include file and printer serving, media center serving, home automation control, web serving, web caching, file sharing and synchronization, video surveillance and digital video recorder, calendar and contact sharing and synchronization, account authentication, and backup services.


This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.

<span class="mw-page-title-main">DansGuardian</span> Content-control software

DansGuardian, written by SmoothWall Ltd and others, is content-control software: software designed to control which websites users can access. It also includes virus filtering and usage monitoring features. DansGuardian must be installed on a Unix or Linux computer, such as a server computer; its filtering extends to all computers in an organization, including Windows and Macintosh computers. DansGuardian is used by schools, businesses, value-added Internet service providers, and others.

Plastic SCM is a cross-platform commercial distributed version control tool developed by Códice Software Inc. It is available for Microsoft Windows, Mac OS X, Linux, and other operating systems. It includes a command-line tool, native GUIs, diff and merge tool and integration with a number of IDEs. It is a full version control stack not based on Git.

Besides the Linux distributions designed for general-purpose use on desktops and servers, distributions may be specialized for different purposes including computer architecture support, embedded systems, stability, security, localization to a specific region or language, targeting of specific user groups, support for real-time applications, or commitment to a given desktop environment. Furthermore, some distributions deliberately include only free software. As of 2015, over four hundred Linux distributions are actively developed, with about a dozen distributions being most popular for general-purpose use.

<span class="mw-page-title-main">Endian Firewall</span> Linux distribution

Endian Firewall is an open-source router, firewall and gateway security Linux distribution developed by the South Tyrolean company Endian. The product is available as either free software, commercial software with guaranteed support services, or as a hardware appliance.

References

  1. SourceForge Listing: SELinux for Distributions
  2. "Engarde Secure Linux". DistroWatch. 2022-02-07.
  3. "A Look at EnGarde Secure Linux 3.0" - LWN.com October 5, 2005
  4. " The LXer Interview with Dave Wreski" - Lxer.com July 23, 2007
  5. Archived 2007-08-07 at the Wayback Machine "Test Drive EnGarde Secure Linux" Linux.com - November 23, 2005
  6. Archived 2007-08-26 at the Wayback Machine "EnGarde - Secure Linux Server" polishlinux.org - August 7, 2007
  7. Release History. Engarde Secure Linux.
  8. EnGarde Release History as of August, 2007