Why we do what we do.
We use Linux systems here because the power and flexibility allows us to provide a better product than with any other operating system. We use RedHat Enterprise Linux (RHEL) because it has state of the art management tools like RPMs for package management and Spacewalk for system management all integrated with the most comprehensive security process available called SELinux with Multi-Level Security (MLS).
We do all of this because it makes our product outstanding for our customers.
RedHat created the Redhat Package Management (RPM) process very early in the life of the company. It allows system administrators to know easily what software is on the system and what version it is. The RPM metadata includes dependencies for each package. This allows for reliable updates as the sysadmin can verify all the prerequisites are in place before installing or upgrading a package. Now it's known in advance that the correct libraries are in place.
RPM packages have metadata that is a frontline defense for system security. The packages are signed with a security key. If that signature is tampered with, the system will refuse to install the package. This blocks trojaned packages from being installed. If the package is not signed with a known security key, the system will refuse to install it without an admin override.
The RPM process also tracks information such as the installation date, size of all files and a MD5 checksum of all binaries. This allows admins to verify that an installed package is still exactly as it was when it was deployed originally.
Spacewalk is a large scale RHEL system management tool. It provides mechanisms to deploy, configure and update RHEL systems individually or in defined groups. It acts as a repository of RPMs.
Spacewalk provides reports showing the status of system packages for all deployed machines. It provides a ready list of systems that need to be updated and whether those updates are for security patches, bug fixes or just package enhancements. Systems can be joined to an automatic update process so that approved security patches are applied as soon as they are available.
Security Enhanced Linux (SELinux) began with the original kernel patches provided by the National Security Agency (NSA). Prior to SELinux, the internal system security model was a Discretionary Access Control (DAC) form. This was the original UNIX style owner, group, world read, write, execute process. A user could change a file or directory they owned to be world read, write and execute. SELinux uses a Mandatory Access Control (MAC) model. A user can't change the MAC data on a file or directory even if they own it. To do so requires a security user to make the changes.
SELinux security models
SELinux has different ways of working. In targeted mode only select network daemons are protected. In strict mode, the entire system is protected.
There are policy types for SELinux. These policies dictate how the kernel allows or blocks data flow between processes, files and connections. Multi-Category Security (MCS) is a non-hierarchical method that has multiple containers like "company confidential" and "patient record". Multi-Level Security is MCS plus additional hierarchical levels like "secret" and "top secret".