The design of ASL approaches securing the server, and its applications, by combining different layers of security technologies and application layer firewalls to filter out malicious content, before it reaches the application and using our hardened kernel subsystems  further enhance the overall security model by enforcing file, network and process level security policies on the system.

The ASL approach also includes our "Just In Time Patching" system, which allows you to address security threats posed by applications where either it is not possible to fix the application due to lack of source code, or availability of resources, or the number of applications make repairing all vulnerabilities economically unfeasible.  You can known that your systems are protected, even when you can't patch them.

ASL Screenshots

Some of its Features

• Automatically hardens Linux servers based on security policies, and ships with a world class set of policies developed by our security experts.

• Web based GUI management, which ties directly in with control panels such as Plesk Server Administrator (PSA).

• Built to work with Web control panels.

• "Just in Time" Virtual Patching for web applications.  Helps to protect vulnerable applications that can not be patched immediately.

• Automated secure log management.

• Automated file upload scanning protection, realtime prevention of malicious file uploads such as rootkits, viruses, worms, shells, spambots and more!.  Scans all Web, FTP and SSH based file uploads.   Files can be quarantined for further investigation, or can be automatically deleted files before they are ever uploaded to the system!
  

• e-mail notifications of attacks and system emergencies.
  

• Automatically disables unsafe functions in web techologies such as PHP to help prevent entire classes of vulnerabilties.
  

• Built in vulnerablility and compliance scanners to ensure that your system is configured in a safe, secure and compliant manner.

• Application layer firewalling through mod_security, and the industry leading rules created by Atomicorp at gotroot.com, optimized for Plesk Server Administrator environments.  A must for PCI-DSS compliance!
  

• Protects against cross site scripting, SQL injection, remote code inclusion, directory recursion and many many other web based attacks.

• Realtime malware/virus/trojan protection from web, mail, file and local based attacks.

• Web comment/blog/referrer spam protection.

• Prometheus Group's malware and rootkit signatures.

• Real time web content redaction system, which helps protect a system from accidentally serving up malware and can be used to help prevent data leakage of information, such as credit cards, SSNs or other sensitive customer data.

• Domain based control over antispam and antimalware features.

• The Most powerful stack overflow protection available for Linux, using the PaX project stack protection enhancement for the Linux kernel.  Protects your Linux server against stack and heap based overflow exploits in services on the system, such as apache, mysql, postgres, bind, secure shell and others.  Also provides for high end randomization of the kernel, stack, library, and heap bases.  More powerful than the execshield and randomization protection found in normal Linux kernels.

• An intelligent and highly secure robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration, from the Grsecurity project.

• Specially hardened chroot capabilities, and protection against exploitable null-pointer dereference bugs in the kernel from the Grsecurity project.

• Trusted Path Execution, which restricts untrusted users such as apache to execute commands only owned by root, thus simply preventing a whole class of exploit techniques used by attackers, or internet worms.  This can also be used to prevent your users from uploading dangerous software to your servers!

• Users are restricted to only view their processes.

• Realtime Blacklists of spammers, malware and attackers.

• Realtime shunning and blocking of attack sources and user control over "deshunning" time lines.
  

• Denial of Service protection through mod_evasive.

Supported Platforms

Red Hat Enterprise Linux 4 and 5

CentOS 4 and 5

Fedora Core 4, 5, 6, 7, 8 and 9

ASL GUI Supported Browsers

Internet Explorer 6 and 7 

Opera 

Firefox

SeaMonkey

Safari

Pricing

Subscriptions to the Atomic Secured Linux channel are available for 128$ per year, for each server using the product. Bulk discounts, and reseller agreements are also available, for more information contact This e-mail address is being protected from spam bots, you need JavaScript enabled to view it .

Support

Subscribed customers are entitled to email based support for as long as their subscription is valid, at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it . ASL customers are also discounted 20% on professional services for support on issues outside of ASL, including custom application integration, clustering, forensics. Emergency services are also available on short notice. When requesting emergency services, please include in the subject line of your message 'Emergency Services Request'.

ASL Installation Documentation / Source code

Red Hat Enterprise Linux 4-5, CentOS 4-5, Fedora Core 4-9 installation shortcut:

SSL Install:

    wget -q -O - https://www.atomicorp.com/installers/asl |sh 

 Non-SSL install:

    wget -q -O - http://www.atomicorp.com/installers/asl |sh

• Wiki
  

• Installation

• Source Code

• Support Portal
  

Sign Up Now