Trusted Computer Solutions (TCS) has launched what it calls the first Linux hardening tool that is designed to be easy to use and to help system administrators out with compliance issues.
The program, called Security Blanket, was first shown last week at LinuxWorld Conference & Expo in San Francisco, and will be available on Sept. 17 for US$198 per licence. It is compatible with Red Hat Enterprise Linux, which has partnered with TCS on the system.
TCS specializes in hardened systems, offering a hardened version of Sun's Solaris, and does most of its work with the U.S. government. For instance, it is one of the two companies -- along with HP -- that has built systems on a National Security Agency data-sharing framework called NetTop.
With Security Blanket, TCS said it was aiming for an alternative to the patchwork of mostly command-line tools Linux administrators currently use to harden their systems.
Those command-line tools actually contribute to Linux's security, according to a report by Quandt Analytics, which found that in the Windows world, the GUI-based security tools are easier to use but allow configuration mistakes.
The down-side of this situation is that hardening isn't a universal practice on Linux servers, with Forrester Research recently reporting that 26 percent of Linux admins surveyed left some of their internet-facing servers unhardened. The same report found that 53 percent of Linux admins do their hardening manually.
TCS said Security Blanket handles more security flaws than Bastille Linux, a popular hardening tool, and unlike Bastille, it offers a compliance model and doesn't require knowledge of Unix administration.
Security Blanket allows admins to monitor and report on system security status, an important part of compliance.
It offers a set of 50 security best practices, based on National Institute of Standards and Technology (NIST) guidelines, that are designed to further simplify configuration.