Do I need security products on Linux?

Yes, you do. Linux is often promoted as having much better security than Windows. Some areas of the design are certainly more secure in Linux, but the big picture is far more complicated. The biggest difference in terms of security is perhaps the basic philosophy. Windows has been developed for more than ten years with usability as the main goal. All possible parts of the system are enabled by default. This ensures easy deployment of the system, but leaves unnecessary ports open for hacking. Linux, on the other hand, only opens some of the most commonly used services by default. The administrator may open or install additional services later if needed, but this strategy ensures that a default configuration is more secure than Windows. An expert must usually tune Linux before the computer can be used. This may mean that additional systems that lower the security must be installed. Windows, on the other hand, works out of the box but may be strengthened to improve the security. But which one is more secure, a ready-for-use Linux system or a strengthened Windows system? It’s impossible to give a generic answer to that question. It depends on so many things.


Viruses in a Linux environment

But what about viruses? Almost all the big virus cases seem to be Windows-specific. True, but that’s only part of the story. It’s fair to say that the risk of being infected by a virus on a Linux workstation is much smaller than on a similar Windows system. This is because the majority of existing viruses are written for Windows. The commonly circulating viruses, the so-called in-the-wild viruses, are also almost without exception Windows viruses.

It is technically possible to write viruses for Linux. This has been proven over and over. Several significant worm incidents have also targeted Linux servers. Slapper is the best-known example. Slapper started to spread on Linux machines on September 13, 2002 using a flaw discovered in August 2002 in OpenSSL libraries. If Linux gains ground as a workstation operating system, then we will no doubt have a virus problem that is similar to Windows workstations. But the important point is that most Linux systems in corporate environments are handling data coming from, or going to, Windows systems. The Linux system itself may be immune to most of the viruses, but its purpose is to protect Windows computers.

Read more about the Slapper virus:
www.F-Secure.com/news/newsletter/protected/archives/prot-2-2002/page1.html


Fighting viruses under Linux

Linux is particularly strong in telecommunications such as firewalls and mail delivery systems. It is also quite common to use file servers running Linux, especially in organizations that need a large number of servers in small branch offices.

The antivirus solution must naturally be able to work in such environments. Three new product releases in early 2003 strengthen F-Secure’s position as a provider of Linux security solutions. F-Secure’s goal is that a Linux-based server backbone can be protected with native products and the Windows workstations can be managed using Linux servers. This enables corporate administrators to save money by using Linux servers without constraints from the antivirus solution.

F-Secure provides a suite that provides multilevel protection against viruses. This includes protection for desktops and laptops, file servers, mail servers and the firewall. Many organizations prefer to handle some of these layers using Linux technology.


New products for Linux environments

F-Secure® Policy Manager™ has been used as the primary tool for antivirus management for several years, and is now available in both Windows and Linux versions. The new Linux version introduces both a console and a server component for Linux. These components are fully compatible with the Windows components, and mixed systems are also supported. The most common installation scenario is in fact a system where several Linux servers running F-Secure Policy Manager Server are distributed through an enterprise network. Windows workstations connect to these servers and the administrator can use the Linux or Windows-based F-Secure Policy Manager Console to manage the system. The benefits are obvious in organizations that use Linux as their server platform. F-Secure Policy Manager 5.11 for Linux is available for download at http://www.F-secure.com/products/policy-man/linux/.

F-Secure® Anti-Virus™ for Firewalls 6.10, Linux version, enables the customer to use pure Linux/Unix solutions at the gateway level. This product provides the same features as the Windows version, thus enabling the customer to use both CVP and OPSEC-CVP features in the firewall. This product is especially important in environments where the critical gateways are based on Unix/Linux to reduce downtime and improve scalability. The scanning engines in this product are the same as in the Windows version. The combination of multiple scanning engines provides reliable protection against all known types of viruses, including macro, script and binary viruses.

F-Secure® Anti-Virus™ for Linux Servers 4.50 provides a new architecture that is optimized for mail scanning and other similar tasks. The product provides a powerful command line interface that is optimal for integration in systems such as AMaViS. The interface allows the user to easily schedule tasks like virus scans and definition file updates. This product is, like F-Secure Anti-Virus for Firewalls, based on the same scanning engines as the other products in the F-Secure Anti-Virus product family. It uses the same update files and provides an equally high detection rate.

One of the most significant new features in F-Secure Anti-Virus for Linux Servers 4.50 is the daemon mode. This mode enables the user to load the scanning engines into memory permanently. A small lightweight command line module can attach to this daemon and start scanning tasks. This unique architecture ensures very fast startup times for the command line scanner. This is a very important feature when a mail scanning solution invokes the scanner several times in a row, just to scan one file each time. Despite this advanced design, integration is still as easy as with any command line scanner.


Mikael Albrecht, Product Manager

