legal

 

FOR IMMEDIATE RELEASE

CONTACT: info@tresys.com

Tresys Brings the Power of SELinux to IBM WebSphere and DB2

New Product Combines Robust Mandatory Security and Ease of Use

Columbia, Maryland–August 7, 2007 – Tresys Technology, a leading innovator of software security technologies and a major contributor to Security Enhanced Linux (SELinux), today announced the release of Tresys RazorTM for IBM WebSphereTM and Tresys RazorTM for IBM DB2TM – bringing the power of SELinux to enterprise applications. Tresys has developed a software management infrastructure that allows administrators to easily and effectively use SELinux to provide enhanced security for WebSphere and DB2 installations. With Tresys Razor, administrators can easily customize SELinux for any WebSphere and DB2 environment, greatly simplifying implementation of secure Linux environments. IBM customers benefit from added protection against security threats while reducing costs to implement and administer security.

SELinux provides Mandatory Access Control security in mainstream Linux operating systems. However, its use can be limited by the complexity of defining policies that work for the targeted applications and environment. Tresys Razor gives users an easy-to-use management infrastructure to effectively generate and apply SELinux policies for enhancing the security of WebSphere and DB2 solutions. Using SELinux, each component of WebSphere and DB2 is restricted to the resources it requires, effectively building a safety net around each process across any number of systems in the solution. This added security protects applications and their data against all types of threats – including zero-day vulnerabilities that may unknowingly exist in the underlying operating systems and network infrastructure.

"Businesses and governments want to increase the internal security of their systems and networks, while enabling external access to specific applications by their customers and citizens,” said Nallu Reddy, Director Open Source and Linux Sales, IBM Software. “With Tresys Razor for WebSphere and Tresys Razor for DB2, organizations can now easily create and apply these SELinux policies in combination with two of the most powerful enterprise software platforms. For customers it delivers 'need-to-know basis' security protection for their mission-critical applications."

Tresys Razor builds upon leading-edge open source technologies developed by Tresys to provide unmatched control over the powerful SELinux security functions – without requiring special knowledge of the SELinux policy language. Tresys Razor allows administrators to effectively use SELinux by presenting familiar application configuration items that are then used to generate SELinux security policies for all systems in the application environment. Tresys Razor also provides a network management infrastructure to deploy, install, and update SELinux configuration across the entire enterprise.

"With SELinux we have one of the best security technologies available on the market today," said Frank Mayer, CTO of Tresys Technology. "Partnered with IBM, we’ve applied this technology to WebSphere and DB2, hardening the application’s environment in a way unique to the application without impacting its functionality. We also provide a solution that lets administrators apply SELinux controls through an intuitive, network-managed user interface.”

Tresys Razor provides:

  • Integration with Tresys BrickwallTM for managing SELinux across an entire enterprise environment.

  • A simple point-and-click interface to customize the tightly confined SELinux configurations on each component.

  • Networked management of all systems in the application solution from a single console.

  • Support for IBM WebSphere (up to version 6.1) and IBM DB2 (versions 8 and 9)

Tresys Razor comes in two editions: Express for smaller installations that do not require network management and Enterprise for larger installations where centralized management is preferred. Enterprise Edition also allows administrators to configure SELinux for groups of systems, and apply and monitor this security remotely.

More information on the Tresys Razor product line is available at www.tresys.com/products.  Tresys-sponsored open source projects are available at oss.tresys.com.

About Tresys Technology

Tresys Technology is a principal open source contributor to Security Enhanced Linux (SELinux), with an emphasis on making SELinux easier to use and manage. In addition to its extensive Secure Linux technology development, services, and training experience, Tresys is developing the Tresys BrickwallTM and Tresys RazorTM suite of products to allow Linux users and administrators to easily leverage the power of SELinux. Tresys also provides business and government organizations with expert security engineering services, including security testing, evaluation and certification support, cryptographic solutions, and security technology innovation.  For more information, visit www.tresys.com.