I talk with Ryan Berens, from Guardian Digital makers of EnGarde Linux, to understand their role in the Linux distribution space. EnGarde is what you'd call a minimalist distribution that you'd install on your server to run critical services. It's also popular for its one-stop WebTool remote administration tool.
Mayank Sharma: Why do we need a specialist security distro? Why is this better than the 'adding security apps to an existing distro on the server' approach?
Ryan Berens: These platforms exist to fulfill a significant need in the market. Many users want a hardened platform because locking down a system can be both difficult and time-consuming. The challenge of creating a secure foundation requires a holistic view over all of system resources, not only at default settings, but as configurations need to change. Hardened platforms, designed and built with security from the ground up, create a much more streamlined, integrated system that ensures a system can stay secure. Bloated distro's can be very insecure by default and overcoming that initial state won't be as effective as building security in from the ground up to ensure that tools all work together to minimize access to and control over resources. Simply adding a couple applications doesn't mean they necessarily 'play' well with other apps or the OS in order to perform as securely as needed.
Discuss
Add this link to...
Tell a friend
Bury
Mayank Sharma: Why do we need a specialist security distro? Why is this better than the 'adding security apps to an existing distro on the server' approach?
Ryan Berens: These platforms exist to fulfill a significant need in the market. Many users want a hardened platform because locking down a system can be both difficult and time-consuming. The challenge of creating a secure foundation requires a holistic view over all of system resources, not only at default settings, but as configurations need to change. Hardened platforms, designed and built with security from the ground up, create a much more streamlined, integrated system that ensures a system can stay secure. Bloated distro's can be very insecure by default and overcoming that initial state won't be as effective as building security in from the ground up to ensure that tools all work together to minimize access to and control over resources. Simply adding a couple applications doesn't mean they necessarily 'play' well with other apps or the OS in order to perform as securely as needed.
Discuss
Add this link to...
Tell a friend
Bury
Comments