Immunix Releases Latest Secure Linux Operating System

Immunix 7.3 Secure Server OS includes extensive DARPA-sponsored technologies for real-time host-based intrusion prevention

PORTLAND, ORE Dec 16, 2003— Immunix, a leading provider of Linux application and OS security solutions, today announced the release of the Immunix Secure OS 7.3 Linux server operating system with integrated host intrusion prevention technologies. Immunix 7.3 is based on the 2.4 version of the Linux kernel, and includes a powerful suite of security technology including mandatory access control, as well as buffer overflow and format string protection.

Losses from computer crime are expected to soar 25 percent to $2.8 billion in the U.S. this year, according to market researcher TruSecure. Even with traditional network security methods in place such as firewalls and intrusion detection systems, attackers often intrude through the perimeter defenses to compromise or take control of mission-critical servers. The idea behind host based intrusion prevention is to directly protect the programs running on the server by making the programs security bug tolerant. If a vulnerability exists in software code that has been protected by host intrusion prevention technology, that vulnerability is no longer exploitable by a would-be attacker.

Immunix 7.3 Secure Server OS is a full Linux server operating system, highly compatible with Red Hat Linux 7.3, which has been fortified against intrusion using Immunix DARPA-sponsored security technology. Many security vulnerabilities result from bugs in "trusted" programs, that is, a program that runs with privileges that allow access to other information on the server. These programs fail to keep that trust if there is a bug in the program that allows an attacker to acquire that privilege. Immunix Secure OS 7.3 is designed specifically to provide containment of suspect programs, allowing the system administrator to clearly and concisely specify the set of resources that a program may access, and the operations the program may perform. Immunix-confined programs are effectively quarantined to protect the rest of the system from compromise. Further, Immunix provides compiled-in protection for buffer overflow and format string vulnerabilites, which combined account for a majority of the security advisories issued by the CERT Coordination Center (CERT/CC), the leading center of Internet security expertise.

Included with the Immunix Secure OS 7.3 are all the tools necessary to secure additional applications, custom or commercial, for hosting on the Immunix Secure Operating System. In early November, Red Hat Linux announced that they would discontinue maintenance support of Red Hat Linux 7.x and 8.x at the end of December 2003. Immunix will offer security updates for the Red Hat-compatible Immunix 7.3 through March of 2005. Immunix has been chosen by leading application vendors such as Trend Micro and Websense to deploy their products securely at the perimeter of enterprise networks. These applications are delivered as "software appliances", making secure deployment very easy for over-burdened IT personnel.

"Immunix Secure OS 7.3 provides the highest level of host security that we have found, which allows us to run our business confident that our electronic assets are well protected" says Adam Shostack, CTO of nMotion, Inc. a security ISV. "With the increasing connectivity requirements of today's businesses, perimeter defenses by necessity become more porous. Host intrusion prevention protects critical network assets right at the source."

"Providing adequate host security has been a very expensive proposition. For many organizations, it is sometimes cheaper to accept a security breach than an interruption of operations." said Dr. Crispin Cowan, Immunix Chief Technology Officer. "Immunix is focused on creating the easiest to deploy, easiest to manage and most secure OS products available. This means products that prevent untrusted applications from accessing trusted applications while limiting the need to patch."

"Immunix technology is amazingly intuitive to configure." Said Jay Beale, Security consultant and leader of the Bastille Linux Project. "While other secure OS technologies have steep learning curves, Immunix technology can be mastered by most administrators in less than 30 minutes." Included with Immunix OS is the Immunix Update Service which provides automated delivery of tested security patches and critical software updates directly to Immunix servers. Through its close relationship with early advisory services, Immunix is able to provide users with patched versions of software at the earliest possible date with respect to notification of a vulnerability. All Immunix patches are pre-compiled with the Immunix StackGuard and FormatGuardTM technologies.

About Immunix

Founded in 1998, Immunix is a leading provider of Secure Linux and Host Intrusion Prevention solutions. Under DARPA funding, Immunix has developed a suite of unique security technologies that assures the integrity of servers and applications by preventing hackers from exploiting both known and unknown software vulnerabilities to compromise critical business data. The Immunix Secure Server Platform provides proactive protection directly to the server core and reduces the requirement for constant security patching while increasing infrastructure up time and improving resource utilization and efficiency.

Immunix Secured

Solutions combine Immunix security technology, advanced server management capabilities and third party enterprise applications in a "software appliance" format, resulting in easy to deploy, highly secure gateway solutions targeted at standard Intel-architecture server hardware. For more information, visit