 |
 
PitBull Foundation Benefits
Secure e-Business Foundation
PitBull Foundation is Argus' core Intrusion Prevention software module. Based upon trusted operating system technology, it moves the fundamental security layer down to the operating system level, where decisions are made about access to file systems, devices and processes. With a PitBull-enhanced operating system, all security policies are enforced at the point of decision - the operating system, which cannot be circumvented. Data of all types are totally protected from unauthorized access or modification. PitBull Foundation is installed as a simple upgrade to standard Unix operating systems. It maintains full binary-level compatibility with all applications supported by the standard operating system, while meeting stringent internationally-recognized security criteria. PitBull Foundation employs a combination of technologies and features, including: REMOVAL OF UNIX SUPERUSER PRIVILEGES
On a standard Unix system, the operating system has been designed so that one user ID, called root or superuser, can bypass all security restrictions. A user running as superuser (either an authorized administrator or an attacker who has taken over the OS) can create, modify, or delete any file, and can send and receive any network packets he chooses. With its least privilege mechanism, PitBull breaks down the superuser privilege into many smaller privileges, thus eliminating most of the threats commonly reported with standard operating systems. Exploitation of superuser-level bugs will no longer allow a malicious user to bypass system security. MANDATORY ACCESS CONTROL (MAC)
On a PitBull system, restricting access to objects that may contain sensitive or confidential information is enforced by the system itself. Access no longer hinges upon the willing compliance of users. MAC ensures that no unauthorized person (external or internal) or program can access or modify system resources or data. ISOLATED COMPARTMENTS
Programs, data, and network interfaces can be split into separate, isolated partitions with restricted access between them. This isolation provides powerful protection against the many security holes found in e-business software. By placing each application in its own compartment, even if an application software bug is found and successfully exploited, the attacker cannot break out and attack other applications or "off limits " areas. It's as if the attacker is locked inside a jail cell with no way out. ENHANCED IDENTIFICATION, AUTHORIZATION, AND AUDITING
PitBull employs a variety of tools to enhance the login and authentication processes. And, by protecting its enhanced audit log in an isolated partition, it prevents intruders from covering their tracks. INDEPENDENT VALIDATION
With so much riding on the security of e-business servers, it is critical that security solutions undergo independent testing and certification. As part of the rigorous ITSEC certification, PitBull Foundation has been successfully evaluated in terms of its overall design, the integrity and reliability of its source code, and its ability to stand up against rigorous penetration testing. PitBull technology is currently undergoing Common Criteria evaluation. The Result
The operating system is secured. Attackers cannot gain control of the operating system. Nor can they exploit application weaknesses to gain superuser powers. Applications, network connections and system resources can now be completely isolated from one another. No attacker from the web can access your back end systems - and vice versa: no insider can export unauthorized information via your web server. Experts agree that security should start by protecting the core - the operating system of your e-business servers. PitBull Foundation is the solution of choice by many of the world's leading security practitioners. For complete details of PitBull Foundation, please see our White Paper section. 
|
 |
||||||||||||||
 |
||||||||||||||||
