Immunix Linux 7.0 review

Immunix is the leading provider of enterprise class, host intrusion prevention solutions (HIPS) for Linux. Immunix products use te

License: Free for non-commercial use File size: 0K Developer: Immunix Team

0

Immunix is the leading provider of enterprise class, host intrusion prevention solutions (HIPS) for Linux.

Immunix products use technology originally developed in conjunction with the Defense Advanced Research Projects Agency (DARPA) to protect systems from both known and unknown attacks, without the need for signature updates.

Here are some key features of "Immunix Linux":
Protect business critical Linux-based applications and services
Ensure system security and data integrity
Comply with internal security policies and government regulations

Strengthen Your Defenses

Immunix AppArmor is strong host security that minimizes downtime and costs associated with computer attacks by protecting the applications and operating system. Flexible and easy to use, AppArmor protects server, Web-based and custom applications from malicious behavior by identifying violations to a pre-defined usage policy and enforcing correct behavior. AppArmor protected Linux systems are inherently more secure and reliable, reducing the high operational costs associated with enterprise deployments and maintaining application integrity.

Quickly Deployed and Easily Managed

The powerful features in AppArmor allow administrators to create per-program usage profiles through an automated process. AppArmor creates a template profile just by analyzing the program's code. Then, in the normal course of application testing, the Leaning Mode Tool captures "good behavior" to further define the program's profile. Once the analysis has been completed, the profile can be deployed across multiple systems, effectively locking down the application to prevent exploitation.

Simple to Manage Profile Creation

AppArmor's wizard-based graphical interface automates profile development, making it easy and straightforward to lock down Linux applications - especially for novice users - while allowing power users the flexibility they need to create finely tuned profiles via the command line tools.

Security Event Reporting

AppArmor includes multi-tier reporting with data aggregation, incident analysis, event severity and notification status via the YaST UI or HTML format.

Executive Summary Report provides consolidated security event analysis of each host
Host Application Report identifies the applications running on a host, as well as applications protected by AppArmor
Security Incident Report detail on each event with technical analysis and severity prioritization

Pre-Built Profiles

Profiles can be created for all network facing applications in a relatively short period of time. AppArmor provides more than 30 pre-built profiles for popular operating system services and common applications, including:

Apache web server with confinement for CGI scripts
Postfix mail server
Sendmail mail server
MySQL relational database
FTP server
Samba file & print server
NFS file server
DNS server
DHCP server
OpenSSH with privilege separation before authentication
Squid web caching proxy

Administrators can easily modify these pre-defined profiles for highly customized environments.

Integrated into the Linux Security Modules (LSM)

The Linux Security Modules (LSM) interface provides a lightweight, general purpose framework for access control. Fully integrated into the LSM, AppArmor profiles specify the files that a program may read, write and execute, using intuitive UNIX regular expressions and mode bits. Blending seamlessly with native Linux access control methods, Immunix prevents the exploitation of known and unknown vulnerabilities prior to exploitation without impacting the performance of the system it's trying to protect.

YaST-Based User Interface

Immunix AppArmor can be accessed through a YaST-based user interface, which extends the YaST management tool currently shipped with SUSE LINUX. This wizard-based graphical interface automates profile development, making it an easy and straightforward task for novice users, while giving power users the flexibility they need to create finely-tuned profiles.

Novell YES Certification

The Novell YES Certification validates Immunix�s host intrusion prevention product as a tested and proven application security solution for the Novell SUSE Linux deployments. By combining an effective host-based intrusion prevention product with Novell�s Linux platform strategy, Immunix provides organizations with a comprehensive solution that ensures business continuity and superior data protection for critical SUSE Linux deployments.