ITSD Computing and Communications Services News
September, 2002

CCS News Home
Back Issues
Computer Security
Help Request
Software Downloads
Computer Backups
Buy a Computer
Suggestion Box
Email
Calendar
Onsite Computer Training
ITSD
CIS
ISS
NTD
TEID
  UNIX Support Group to Offer Monthly Security Support Service

Beginning Oct. 1, users of UNIX and Linux workstations will be able to obtain dedicated, ongoing security support from the Lab's UNIX Support Group. The new service includes installation of the latest security software, constant monitoring for attacks and up to eight hours of system cleanup in the event of a security breach.

"We think this is a cost-effective, proactive method of doing security and that most UNIX and Linux users and even busy systems administrators will find it worth considering," said Gary Jung, leader of the UNIX Support Group. "Users will also find this service ensures they are in compliance with the Lab's Computer Protection Program guidelines."

The new service provides a more reliable alternative to the current policy of holding system owners responsible for the security of their systems. Called "Host-Based Security," this approach requires recurring time and effort - it can't be done just once. Computer owners who subscribe to security bulletins can attest to the steady stream of security notices from cybersecurity organizations, demonstrating the need for constant vigilance and updates. The result is that some systems are more secure than others.

The new program services are:
"Initial Hardening" of the workstation, including installation of security software, disabling of unused network services, correction of common or out-of-the-box configuration problems, setting up for continuous monitoring and installation of security patches.

Continuous monitoring includes daily snapshots of system files and running network services, system integrity checks, permission and content checks on critical system files, password checks, root access trusts, monitoring of DNS/BIND configuration, sendmail configuration, legacy and other out-of-date configurations and NFS configuration. The monitoring will also check for daily changes in configuration files and network services, then escalate them for inspection by a member of the UNIX Support Group.

"Rapid Response" will include monitoring of a number of security mailing lists and web sites, thus allowing the UNIX group to develop a course of action well in advance of the vendor/CERT/CIAC/CPPM notifications. This will enable the group to quickly and accurately determine which machines are vulnerable to newly emerging threats. The service agreement will also include up to eight hours of labor for doing cleanup.
  • The standard monthly rate is $95 per month per machine.
  • A preferred rate of $75 per month per machine will be given to current customers where either at least 25 percent of their UNIX systems are managed under a Service Level Agreement or can be applied to an single machine if the system is subscribed to the UNIX Group Software Farm. Volume discounts are also available.
  • The initial setup fee to bring a machine into compliance will be $110 per hour, but this may be waived for systems that either have been newly installed within the past year or recently updated by the UNIX Support Group.

This service is not intended as a replacement for systems administration so it does not include maintenance of the hardware, operating system, backups, software farm access and other systems administration functions.

For more information, contact either Gary Jung (X4894) or Jim Guggemos (X6001) of the UNIX Support Group.