Archives for February 2006
Review: R-fx Networks Linux Security Bundle
A while ago I decided to increase the level of security on my servers. Since having my own (leased) hardware I had a friend taking care of the system administration, but he had to cut back on this task due to time constraints and I was doing pretty much everything myself. I started researching of what I would need to do to make sure my servers were up to date. I usually run all necessary updates on a recurring base as well as Red Hat updates itself with all necessary updates nightly. But Firewall, Brute Force Detection, IDS (Intrusion Detection System), Root Kit Hunter, and all the other add-ons also needed to be updated.
I looked at the efforts and the possible time needed for this and came to the conclusion that it might be better to outsource this one-time major update. I researched several services for system administration and security upgrades and decided to give the folks of R-fx Networks a try. Here is what I ordered:
$90 USD One-time Fee
The Security Bundle is a total security roundup for your critical appliances. We install an array of industry standard software, with many custom settings we have learned over the years – to ensure your security and peace of mind
The security bundle includes the installation/upgrades of several pieces of their own software.
APF – Advanced Policy Firewall)
LSM – Linux Socket Monitor
SPRI – Priority Scheduler
BFD – Brute Force Detection
SIM – System Integrity Monitor
NSIV – Network Socket Inode Validation
LES – Linux Environment Security
There are also some additional server hardening services included. A complete list of services can be found here:
I contacted R-fx Networks through their website support form, but did not get a response at all. I then emailed them as email was listed as the second option to contact them. This time (weekend) I got a response in less than 2 hours. My questions and concerns were addressed immediately.
I placed my order about one day later and a turnaround time of 2 hours to 24 hours was promised. After placing my order I received an email with additional instructions of how to submit the necessary server information to them. There was also a place to submit additional instructions and information they would need to know about.
I then patiently waited. About 15 hours after placing my order I was notified that the work would start now. I kept a close eye on the websites on that server to see the impact to them from the work. I expected some interruption. After about 90 minutes the whole process was completed and I received an email with the final update.
I logged into the server to verify what was done and to make sure everything was in a working state. All websites were functioning just fine. Everything looked good except for a downed service. I notified R-fx Networks about the problem. As I wanted to keep the impact of this issue as small as possible I tried to troubleshoot the problem myself and was able to fix it before R-fx Networks even responded to my email. I then went through the list of special requests I had submitted to them to take care off. None of my special requests was taken care of. I was a little disappointed. These were not major issues, but I had hoped that I do not have to spend time on doing them myself as it would have been easier if they would have been done by R-fx Networks.
Overall I am very satisfied with the work performed by R-fx Networks. Even though they did not fully completed the requested extra tasks (which were confirmed as no problem in the sales inquiry) and left the system with one service downed, I think they did a good job. They met their own timeline to execute the work and they communicated well with me so that I was always aware of what was going on. On a scale of 1 to 10 I would rate their work 8+/9 for this job. Will I use their services again? You bet. I used their free software since I leased my first server and really appreciate that they offer these products free of charge.