Start-up banks on hack-proof Linux

Guardian Digital releases a version of Linux that's less vulnerable to attack, a niche the company hopes will gain it a foothold in the market for the Unix-like operating system.

Stephen Shankland principal writer
Stephen Shankland has been a reporter at CNET since 1998 and writes about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science Credentials
  • I've been covering the technology industry for 24 years and was a science writer for five years before that. I've got deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and other dee
Stephen Shankland
3 min read
Start-up Guardian Digital has launched an effort to sell a version of Linux that's less vulnerable to attack, a niche the company hopes will gain it a foothold in the market for the Unix-like operating system.

The Allendale, N.J.-based start-up released its EnGarde Secure Professional product Tuesday, a version of Linux that comes with management tools and server software designed to thwart attacks. The product costs $549, plus $219 per year for a mandatory software update service.

Linux, like the Unix operating system on which it's based and other operating systems, has had its share of security problems, but often the problems come with higher-level software such as the SNMP service for letting administrators manage servers or the Apache program for sending Web pages to browsers. Guardian Digital aims to stomp out many of those problems by what software is used, testing it with the other software and in some cases writing new programs, said Chief Executive Dave Wreski.

For example, the company wrote management software that substitutes for SNMP. It's not as vulnerable to attack, Wreski said, though widely used management software such as IBM's Tivoli can't control it.

"It's a viable niche for a select group of customers," said Giga Information Group analyst Stacey Quandt of Guardian Digital's product. But it's not easy to find a place at the Linux table where revenue is sparse and Red Hat dominates.

Competition is plentiful. Red Hat is billing better security as one advantage of its Advanced Server edition. The Cyberspace Security and Policy Research Institute, a technology think tank at George Washington University, is pushing for Linux to be certified under the Common Criteria, a standard that must be met before the United States and other countries can use products for sensitive government applications. Hewlett-Packard is working on its own Secure Linux version.

Perhaps the most direct competitor is WireX, which sells a secure Linux version called Immunix. WireX has sales partnerships with HP and Dell Computer.

Those sales partnerships are crucial, Quandt said. "It's not going to be successful unless they have a relationship and alliance with a hardware vendor," Quandt said.

Guardian Digital is "working with large hardware companies" on partnerships, Wreski said, but declined to say which companies. His company also is working on partnerships with software companies to have EnGarde used as the foundation for specific tasks such as screening out viruses and unwanted spam e-mail.

Guardian Digital has a start, though. The 20-person company is profitable, in part because of consulting services it sells. Its EnGarde customers include Sony, Hong Kong University, AT&T New Zealand and Piedmont Natural Gas.

Because of the cooperative nature of the open-source community, the company doesn't have to start from scratch. Building a secure operating system from the ground up would have been an "insurmountable task," Wreski said, but Guardian Digital can pluck the best of what it finds.

For example, the company, like SuSE, MandrakeSoft and other Linux companies, opted to use the Red Hat Package Manager, which makes it easier to install or uninstall software. Guardian also used the network configuration utility supplied by the noncommercial Debian version of Linux.

Staying on top of all the software updates produced by the open-source community is a challenge, Wreski acknowledges. "How do we do what Red Hat does with 600 people? That's a significant challenge for us," he said. But Wreski is convinced Guardian Digital's security specialty will ensure the company a place.

"We use much of the same code as Red Hat," Wreski said, adding that Guardian Digital has "gone through and configured them to work as securely as possible."