Standardized hardware, the advent of cloud and other virtual platforms, as well as the low cost of Linux has led the Unix world down the path of standardization under open source software. When originally developed, commercial Unix solutions such as Solaris, HP-UX, AIX, and others were custom built to accommodate proprietary hardware configurations using proprietary drivers.
It is no longer cost-effective for commercial concerns to develop their own OS. And, as the industry embraces standardization and common platforms, commercial Unix platforms will soon cease to exist. Open source has permitted the best ideas from the various commercial platforms to be integrated into one standard operating system. Large commercial environments have also taken a containerized approach to software deployments, and OS standardization is the cornerstone of such deployments.
Proprietary operating system development customarily involved the development of alternative processes and management tools such as “Smitty” in AIX, or “Management Console” in Solaris, and other processes that deviated from more common approaches. Unfortunately, this forced system administrators to learn multiple tools and methods for doing virtually the same thing.
Each commercial deviation from common approaches caused downstream changes in other software that was installed on servers. Directory changes, tools used to manage network connections, or other software had to be modified to work properly on each variant. This took focus away from developing best practices and standards that were common to all Unix platforms. Through open source software, these deviations were normalized, and the best methods have been incorporated into the Linux operating system.
The downside with Linux as an on open source software is that, in most cases, there is only community support to resolve any issues or vulnerabilities in software and supporting libraries. However the fact that the open source community has a roughly 10-year track record of quickly responding to reported has helped foster considerable confidence in the Linux operating system.
With commercial Unix variants, the source code and libraries are all custom-developed and underwritten by the company that delivers them. For large commercial organizations, even though that security comes at a premium, it has traditionally been considered worthwhile. The recent acquisition by IBM of Redhat Linux brings significant credibility to the open source software on which it is built, and this indicates a further trend towards standardization of the operating system to Linux.
How Standardization Simplifies Access
One of the foremost benefits inherent of common platforms and standardized operating systems is consensus and standardization of access and asset models in all enterprises. Once a standard method is agreed upon, it will be possible to focus more effort on securing systems and standardizing access to them. Resources that were previously focused on esoteric development threads can be rededicated to developing common access policies and collecting asset data to strengthen their security program.
With a common operating system such as Linux, it is possible to deliver significant return on investment from BeyondTrust’s Endpoint Privilege Management solution for Unix and Linux servers, and the rest of our suite of products. One alternative use for our Unix/Linux server solution is to take advantage of the trusted agent nature of a deployment and to use the agents to collect consistent data from assets within the network. Another use would be to leverage the solution’s infrastructure as a gateway into any corporate environment where access to any resource is granted based upon the conditions desired by the customer.
Focusing on a common operating system provides an opportunity to develop standards among tools and software and to introduce common points of conditional access into any environment. As the presence of commercial Unix variants begins to diminish due to standardization and consensus among consumers, there lies an opportunity to further expand the same controls that govern privileged access to the broader corporate environment.
To learn how BeyondTrust and our extensible suite of privileged access solutions can help your organization’s journey toward audit and regulatory compliance, and secure access at any level, contact us.
Chad Erbe, Professional Services Architect, BeyondTrust
Chad Erbe is a Certified Information Systems Security professional (CISSP), with nearly 30 years’ experience in a Unix/Linux administration role. Chad has worked in DoD high-security environments, manufacturing, and with large financial services companies throughout his career. This broad experience has lead him to an architectural role with BeyondTrust where he focuses on Privileged Access Management, particularly in the Unix suite of products. Chad also maintains his PCI ASV certification from the PCI council.