Security Blanket Enterprise v3.1
October 29, 2009
Trusted Computer SolutionsProduct:
£2,700 (admin console licence); £180 (client licence)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Great lockdown, reporting, auditing and system rollback capabilities; 32- and 64-bit OS support
- Weaknesses: Only supports Red Hat Enterprise Linux and Centos
- Verdict: Provides a good set of tools for locking down Linux endpoints
Security Blanket Enterprise Edition v3.1 provides an organisation with the ability to manage the secure configuration of servers throughout the enterprise and ensure that the configurations consistently meet industry standards or customised security policies.
It is a system-hardening tool for Red Hat Enterprise Linux (RHEL) versions 4 and 5, and Centos 4 and 5. It enables you to periodically check your system's state of security and to apply changes based on your security policy requirements.
Security Blanket is an agent-based solution. Agents are small in size and communicate with the server using TLS (transport layer security) with AES 256-bit encryption. PKI is used for the agent authentication, making this a very secure agent to host communication.
The user interface is set up like a dashboard and is easy to use and follow. The UI makes it easy to manage Linux devices, even if you do not possess strong Linux skills. There are numerous pre-defined profiles available for compliance management, auditing and reporting. Security Blanket is based on guidelines from organisations such as the US Defense Information Systems Agency (DISA) and the Center for Internet Security (CIS).
The baseline, auditing and policy administration features are all good and easy to use. The agent must be polled, however, so this tool is not a real-time reporting solution. Scans can be scheduled at any interval you wish and can be performed at low peak times so not to add latency to the network or device.
Servers or devices can be grouped to make the management and deployment of policies easier in very large and distributed environments.
Assessment, baseline and logging reports help IT managers and security auditors assess compliancy against security policies and monitor compliancy against change. Security Blanket scans the OS and then automatically configures it to a state of compliancy based upon the profile. We liked the feature that allowed us to compare any two servers or groups of servers, right down to file attributes.
This is a very easy-to-use solution for the amount of functionality it delivered.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry