SELinux expertise
Implementing enterprise security at the core of Linux servers
The SELinux technology was developed in the early 2000s to make the Linux servers more secure ; specifically to make Linux servers eligible to government or military use, to make Linux suitable for information security most demanding environments.
The role of SELinux is to guarantee that any action occurring on a Linux server is legitimate and approved by the general security policy of the organization the server belongs to. This general security policy must be translated to a SELinux policy, that is to say into a set of technical rules at the Linux operating system level.
LHQG specialists work at your side and at your service, deploying their SELinux expertise. They create or customize the SELinux policy on your servers to conform to your company IT security policy.
Community SELinux modules
LHQG Tech engineers develop and maintain multiple SELinux policy modules publicly available to the community.
- Springboot : policy module to confine Java applications Java, running as (permanent) services, based on the Spring framework,
- Springbatch : policy module to confiner Java jobs, running as one shot batch, based on the Spring framework,
- Sybase ASE : policy module to confine the Sybase ASE database engine.
Modules SELinux enterprise
LHQG propose également une offre commerciale de modules de politique SELinux à destination des entreprises qui ont besoin de support sous forme de maintenance évolutive et/ou corrective :
- Bases de données Cassandra : modules SELinux pour confiner les resources (processus, fichiers, sessions, ...), pour la version communautaire et la version DataStax Enterprise,
Et nos Tech engineers sont à même d'imaginer, créer, développer et maintenir une politique SELinux ad hoc pour répondre à un besoin spécifique d'entreprise afin de renforcer la sécurité d'une plateforme basée sur Linux.