Stanford University uses Linux-based Firewall by Astaro to secure research department
by Steve Schlesinger - Thursday, 16 January 2003.
Little says that the security device doesn't require much software maintenance. In fact, Astaro Security Linux runs as an application server on top of a hardened OS . He says, "Since a lot of security products run as an application on top of a general purpose OS, you'll have to manage the underlying OS, be it Windows or Sun Solaris. This means work."

On the other hand, Little adds Astaro Security Linux functions in a self-contained entity capable of automatically updating itself for changes, such as virus updates. "This was another key buying point," he says.

The security device is hard for an intruder to tamper with. A "chroot" or change route environment exists for every service the software offers, effectively sand boxing each service providing untrusted code that limits the ability of the intruder to do risky things. Little says, "If one could possibly exploit one service, one couldn't possibly take over the entire system."

The security device also supports standard authentication mechanisms. Remote access to the security device uses SSH Remote access to the Web services uses SSL. The VPN workstation uses IPSEC with its secure authentication components, or PPTP, the Microsoft authentication components.

Little says by running the Astaro Security Linux on systems with multiple processors, one could deploy a security system throughout the entire campus.

In fact, Little says that the university is looking for a firewall solution for all of the departments. "Our solution might be modeled for the rest of the university," he says.

Steve Schlesinger is general manager at Astaro Corp. of Burlington, Mass. USA. He was most recently vice president, corporate development, at SoundBite Communications. He was previously at Workgroup Technology and at Easel Corp.


The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Sep 1st