and National Security
As the open source industry grows and becomes more widely
accepted, the use of Linux as a secure operating system is
becoming a prominent choice among corporations, educational
institutions and government sectors. With national security
concerns at an all time high, the question remains: Is Linux
secure enough to successfully operate the government and military's
most critical IT applications?
The United States
government sure thinks so. A recent survey conducted by the
Mitre Group found 251 Department of Defense deployments of
Linux and other open source software. Not only is the United
States government sponsoring hundreds of open source projects,
it has been reported that open source applications have become
major components in the IT infrastructure at the Pentagon.
advocates are currently stirring a debate on whether using
Linux in matters of national defense is appropriate. It is
their opinion that the availability of the source code for
open source applications and the unknown origins of the code
can lead to subversive content being deliberately placed into
critical codes and putting the security of our entire country
What makes this
debate illogical is the fact that there is not a single mainstream
operating system, proprietary or open source that in its current
state should be used to run critical national security applications.
Any chosen system would have to be adjusted and re-worked
to be a proper fit for the government's most critical IT needs.
However, assuming the government is turning to Linux for national
defense applications, the availability of the source code
is exactly what makes Linux the obvious choice. Linux and
other open source applications provide the freedom to customize
programs to suit specific requirements, a liberty unfounded
in proprietary systems. If the security provided by a particular
installation is not sufficient it can be modified to ensure
the highest levels of protection.
the United States government, with special regard to the Department
of Defense, puts security and confidentiality to the highest
standard. Any code chosen for critical government or military
systems must undergo countless hours of analysis and vulnerability
assessment before it will even be considered for testing.
To imply that our government has not considered the risks
of Linux and other operating systems alike and is using insecure
infrastructures of any kind is to insult the intelligence
and capability of our government and military to protect its
Linux is not
an invitation for IT terrorism, but quite possibly a first
step towards preventing it. Linux incorporates a "defense-in-depth"
approach to security, meaning robust security measures are
implemented at every level of development and deployment.
Not relying on obscurity, like closed-source counterparts,
Linux truly focuses on the security of the system and its
capabilities and strengths continue to improve, surpassing
those of proprietary vendors like Microsoft.
The open source
approach, however, affords users a substantial number of resources
from developers in the community to ensure that even seemingly
insignificant security flaws are properly fixed. The unfailing
group effort and dedication of the open source community continuously
results in vulnerabilities being identified and patches being
released more rapidly, mitigating potential security risks
before negatively affecting the end user.
Due to the consistent
occurrence of security issues circling Microsoft, Linux has
made its way into the mainstream and is becoming more widely
accepted every day. Providing customers with a reliable, scalable
platform, Linux offers a solid budget friendly alternative
to those offered by proprietary vendors without sacrificing
functionality and power.
Wreski, CEO Guardian Digital, Inc.
Internet Acceleration and
Digital Internet Defense & Detection System (IDDS) is
the first and most necessary step in securing your corporate
network. This comprehensive intrusion detection and
prevention application analyzes network traffic for
suspicious and potentially damaging activity while mitigating
risks from common and uncommon vulnerabilities. Using
sophisticated open source technologies, IDDS delivers
proactive security by blocking imminent threats before
entering the network.
web-based management and real-time system reporting
provides an effortless way to consistently maintain
security and view the status of the network. Updated
attack signatures and attack severity ratings allow
administrators to ascertain risk and take the necessary
actions to thwart attempts of intruders while powerful
intrusion prevention features identify offending IP
addresses and redirect or reset connections before harmful
data can damage a network. IDDS provides organizations
with unparalleled security while leveraging existing
resources resulting in a cost-effective, bulletproof
security solution for any network.
more about the
Internet Defense and Detection System
I have been hearing a lot about honeynets and their
relevance to Internet security. What exactly are they?
A. A honeynet is a network strategically
placed behind a reverse firewall used to identify hackers
during an attempted intrusion. Intended to be compromised,
honeynets are designed to confine and control all inbound
and outbound traffic and analyze it for malicious activity.
In many cases, honeynets are set up to give the intruder
the look and feel of a real system, leaving them unaware
they are being monitored and allowing administrators
to analyze techniques and pinpoint potential vulnerabilities
within a system.
to security, honeynets are particularly useful because
they can provide all necessary information regarding
vulnerabilities and compromises within a network, allowing
administrators to proactively correct vulnerabilities
and thwart potential compromises before any damaging
activity can take place.
Behind the Shield editors encourage their readers to
submit questions. The most frequently asked questions
will appear in future issues. We look forward to answering
all your inquiries! Email us at firstname.lastname@example.org
Digital In the News
Processor.com Interviews Guardian Digital CEO Dave Wreski
on the Measures of IT Success
Sharing his expertise with Processor.com
readers, Guardian Digital Chief Executive Officer speaks
about how companies should measure their individual
& Tips from Experts
Understanding & Preventing Denial
of Service Attacks -- Guardian Digital is pleased
to provide Behind the Shield readers with informative expert
advice on what network security really means. Each month a
new topic of interest will be chosen to supply you with useful
tips and information not offered elsewhere. This month, we'll
have a brief discussion on understanding and preventing denial
of service attacks.
of service (DoS) attack is defined as an attempt by a hacker
to prevent authorized users from utilizing a specific service.
A successfully executed DoS can disable any computer on a
network, which depending on the network structure and the
function of the workstation, could cause serious damage to
an organization's IT infrastructure, resulting in loss of
system productivity and ultimately loss of revenue.
Here are resources
we consider to be the best available for information on preventing
Exhibits Guardian Digital Products at Real World Linux Expo,
national and multi-national partners, like Symtrex Guardian
Digital is able to provide their productivity and security
solutions to customers worldwide.
One of the major
issues buzzing around the Real World Linux Expo in Toronto
this week is the cost of sufficient Internet security and
the ability for smaller corporations to afford it. Symtrex
fascinated many of the visitors to their booth by exhibiting
Guardian Digital's Internet Productivity Suite, the cost-effective,
comprehensive small business solution.
Internet Productivity Suite, to those who were cost conscious,
was an intriguing product. Not only did it provide the protection
that they required, it is simple to install, and comes complete
with a one year subscription to Guardian Digital Master Support,
ensuring any difficulties were immediately addressed. Attendees
were also impressed by the additional support subscriptions
and products that are available to complete their network,"
stated Lynne Krekeler of Symtrex.
Along with Internet
Productivity Suite, Symtrex also exhibited several other offerings
from Guardian Digital. Addressing consistent concerns for
effective spam and virus protection as well as employee surf
controls, the solutions provided by Guardian Digital's award-winning
enterprise portfolio of products obtained well-deserved interest
at the expo.