Security Blanket Enterprise v3.1
Strengths: Great lockdown, reporting, auditing and system rollback capabilities; 32- and 64-bit OS support
Weaknesses: Only supports Red Hat Enterprise Linux and Centos
Verdict: Provides a good set of tools for locking down Linux endpoints
Security Blanket Enterprise Edition v3.1 provides an organisation with the ability to manage the secure configuration of servers throughout the enterprise and ensure that the configurations consistently meet industry standards or customised security policies.
It is a system-hardening tool for Red Hat Enterprise Linux (RHEL) versions 4 and 5, and Centos 4 and 5. It enables you to periodically check your system's state of security and to apply changes based on your security policy requirements.
Security Blanket is an agent-based solution. Agents are small in size and communicate with the server using TLS (transport layer security) with AES 256-bit encryption. PKI is used for the agent authentication, making this a very secure agent to host communication.
The user interface is set up like a dashboard and is easy to use and follow. The UI makes it easy to manage Linux devices, even if you do not possess strong Linux skills. There are numerous pre-defined profiles available for compliance management, auditing and reporting. Security Blanket is based on guidelines from organisations such as the US Defense Information Systems Agency (DISA) and the Center for Internet Security (CIS).
The baseline, auditing and policy administration features are all good and easy to use. The agent must be polled, however, so this tool is not a real-time reporting solution. Scans can be scheduled at any interval you wish and can be performed at low peak times so not to add latency to the network or device.
Servers or devices can be grouped to make the management and deployment of policies easier in very large and distributed environments.
Assessment, baseline and logging reports help IT managers and security auditors assess compliancy against security policies and monitor compliancy against change. Security Blanket scans the OS and then automatically configures it to a state of compliancy based upon the profile. We liked the feature that allowed us to compare any two servers or groups of servers, right down to file attributes.
This is a very easy-to-use solution for the amount of functionality it delivered.