What makes SUSE Linux Enterprise so secure?
Security issues and concerns have gained more and more attention in the public over the last years. SUSE's presence in the software security field contributes significantly to the high degree of trust and confidence that users place in open source software. The security of our platform is fundamental to your business, and earns the trust and faith of your customers.
Highest Security requirements
- Common Criteria Certification – EAL 4+
SUSE, in cooperation with its partners, has received Evaluation Assurance Level 4+ for SUSE Linux Enterprise Server as part of a Common Criteria Certification. That signifies that SUSE Linux Enterprise Server can be set up in a way that meets the highest security requirements of organizations like governmental defense departments/
- Audit subsystem
SUSE Linux Enterprise Server comes with a built-in audit framework, which provides a CAPP-compliant (Controlled Access Protection Profiles) auditing system that reliably collects information about any security-related events. The audit records can be examined to determine whether any violation of the security policies has been committed and by whom. This meets the strictest governmental security standards and industry requirements.
AppArmor® is the most effective and easy-to-use application security framework for Linux applications available today. It allows you to specify the files that a program may access and the operations that a program may perform on the files. Any other behaviors beyond that scope are denied and logged. A number of default policies are included, along with learning-based tools and advanced statistical analytics that simplify the development of customized policies, even for very complex applications.
- SUSE Linux Enterprise Server – Firewall
SUSE Linux Enterprise Server protects your network from external attacks with a so-called "stateful" firewall. With the help of iptables—a generic table structure for the definition of rule sets—it precisely controls the packets allowed to pass a network interface. Such a packet filter can be set up easily with the help of SUSEfirewall2 and the corresponding YaST administration module.
Value to the cloud customer:
You get the highest "out of the box" security that is easy to configure and manage. Security policies and rules can be adapted without the need to reboot the system, which increases uptime significantly.
In comparison, unpaid Linux provides:
- No CC EAL 4+ certification
- No predefined profiles
- No support