On the other hand, Little adds Astaro Security Linux functions in a self-contained entity capable of automatically updating itself for changes, such as virus updates. "This was another key buying point," he says.
The security device is hard for an intruder to tamper with. A "chroot" or change route environment exists for every service the software offers, effectively sand boxing each service – providing untrusted code that limits the ability of the intruder to do risky things. Little says, "If one could possibly exploit one service, one couldn't possibly take over the entire system."
The security device also supports standard authentication mechanisms. Remote access to the security device uses SSH Remote access to the Web services uses SSL. The VPN workstation uses IPSEC with its secure authentication components, or PPTP, the Microsoft authentication components.
Little says by running the Astaro Security Linux on systems with multiple processors, one could deploy a security system throughout the entire campus.
In fact, Little says that the university is looking for a firewall solution for all of the departments. "Our solution might be modeled for the rest of the university," he says.
Steve Schlesinger is general manager at Astaro Corp. of Burlington, Mass. USA. He was most recently vice president, corporate development, at SoundBite Communications. He was previously at Workgroup Technology and at Easel Corp.