EnGarde Secure Linux provides a secure platform for all of your organization's Internet facing systems. Designed from the ground up with security in mind, building your business on an EnGarde platform allows you the peace of mind that comes with knowing you are protected from an array of threats.
What makes EnGarde so secure? We're glad you asked.
- Secure By Default
Other distributions may require extensive customization to ensure security, but EnGarde Secure Linux defaults to the most secure options in all areas. Secure shell access requires two-factor authentication using a key file and passphrase, all services install as disabled and are restrictable by IP address, and the default permissions are as conservative as possible.
- State of the Art Security Policy
EnGarde incorporates a strict SELinux security policy that restricts every application on the system to only the access required for proper operation. This effectively sandboxes each service, isolating security breaches and preventing privilege escalation by mitigating any unknown application flaws.
- Easy Administration From Anywhere
The Guardian Digital WebTool provides system administration functions accessed remotely using a secure web browser connection. Its powerful functions allow administrators to monitor the system, create virtual websites, and manage user accounts, email, DNS and more all using a simple web-based interface while maintaining a strong security posture.
- Everything You Need, Nothing You Don't
Many Linux distributions are packaged with everything up to and including the kitchen sink. After all, the software is open source, so the thinking is "Why not package anything any user might want to use?" The flaw in this reasoning is that any application can be vulnerable to a security breach. EnGarde Secure Linux focuses on being a secure server operating system, containing the software you want for the functionality you need and excluding the kitchen sink mentality that can lead to insecurity.
- Layered Security
EnGarde Secure Linux is based on a philosophy of layered security. Since no non-trivial software can be assured to be completely free of defects, EnGarde is built upon layered defenses that reinforce each other. The restrictively defined file and directory permissions, default application configurations designed by security experts, strict SELinux application policies, system file integrity checking, network intrusion detection capabilities, and powerful firewall combine to provide an out-of-the-box level of security unmatched in the Linux market.