View as PDF
Why should I choose Trustix™ Secure Linux ?
Trustix™ Secure Linux was conceived in 1999 as we identified the growing need for a secure distribution aimed specifically at the enterprise server market. The Secure Linux ships without all the unnecessary packages that are offered by other Linux distributions.
Other distributions actually add packages to their server distributions as they move up through the product suite. For example, Red Hat Enterprise Edition ES/AS contains all the services included in the workstation edition and is designed to be functional as a client.
Trustix™ Secure Linux is designed solely towards the server market- without superfluous programs or a resource hungry GUI. Stripped down, security hardened and specifically optimized to maximize the performance and stability of enterprise servers.
Why did we lose all the extra packages?
It may seem counterintuitive for an Secure Linux to ship with less pre-installed applications than its major competitors. This is, however, a design decision taken by the technicians at Trustix™ Labs in order to facilitate the most secure and stable platform for enterprise server deployments.
Linux is open source, so it would take absolutely no more investment by us to include these packages, yet many of them are superfluous, repetitious or represent security and/ or performance drawbacks. Trustix™ have included only the 'best of breed’ packages in its distribution.
Furthermore, services in Linux are dependent on each other. Any attempts to remove a service in order to tweak security or performance leads to serious interdependency issues. Services on your server will stop working because a dependent package has been removed.
Trustix™ Research Labs have eliminated the server non-essential components of Linux and modified those that remain to their secure defaults. Interdependencies have been resolved and preconfigured by our developers so that Trustix™ Secure Linux can be quickly installed out of the box. Your business can immediately deploy a fully operational and secure server in less time than any other Linux distribution.
No security through obscurity
Many modern Linux distributions focus on security. They provide kernel patches, modified user space utilities and so on to create the 'unbreakable' system. These distributions have one thing in common: Security through obscurity.
'Security through obscurity’ is to attempt to secure the system by modifying the expected, standard Linux behaviors. In its most extreme form it renders the system useless for anyone that doesn't possess in-depth knowledge about the modifications. Knowledge of 'vanilla’ Linux becomes next to useless in the face of heavy vendor alterations to the Secure Linux .
While this initially may seem like a good idea, it really only buys a limited amount of time. The hacker is a tenacious animal and always finds ways to circumvent this kind of security. And while it might take them some more time, they usually manage it.
It is at this point that the strategy reveals itself as meretricious and counter-productive. True- the modifications bought some time- delaying the attackers who eventually broke down the system. False- the system being modified beyond recognition has made it impenetrable for the system administrators, and they spend more time working on it than they would have with a standard system. Productivity is lost whilst your technicians attempt to navigate and repair an Secure Linux that is unfamiliar to them.
Furthermore, the modification of the system utilities forces the distribution developers to spend more time preparing security and bugfix updates then they would have on a clean system. By creating this rod for their own backs, developers extend the window of insecurity between a problem being identified and the patch being made available.
The Trustix™ team considers the necessity to get updates out in time greater than the potential time bought by using an obscure system.
Trustix™ designed Trustix™ Secure Linux to be a clean, unmodified installation that Linux system administrators can easily minister should they have to. There are no surprises, no vendor booby traps and no heavy package modifications. Just the most securely configured Linux Server distribution available.
Today, Trustix™ Secure Linux offers a very crisp and clean distribution which meets all the enterprise needs without the need to wade through all the packages and services your server doesn’t require. Typically, a minimum install is about 100MB and contains around 180 server targeted packages. It is the most stable, secure and efficient Linux distribution available.
- Packages are carefully chosen for their relevance to the requirements of enterprise servers
- Secure defaults chosen for all services and packages
- No superfluous or repetitious packages
- Preconfigured to optimize the performance of enterprise servers- e.g.- no resource hogging GUI or unnecessary services
- Securely and automatically download Trustix™ Secure Linux upgrades via SWUP™ module
- Installation media contains the latest version of Trustix™ Secure Linux - no need to download huge updates, patches and security fixes after you first install
- Full dependency checking carried out at Trustix™ Research Labs
- Compatible with the whole range of 3rd party and specifically developed Linux applications
