The test, which took place over a three-month period last year, examined a wide range of open-source Linux products supported by IBM to see whether they could adequately protect a network in its entirety.
IBM’s Linux Test Integration Center issued an 87-page report titled, “Linux Security: Exploring Open Source Security for a Linux Server Environment,” which includes detailed technical descriptions of the testing procedures, as well as specifications and configurations of the systems used.
Only open-source products supported by IBM were tested. The report also makes assumptive judgments, based on technical specifications, about the outcome of the tests had alternative products been used.
The LTIC looked at network, web and host-based security functions, including intrusion detection, firewalling, auditing and logging, user authentication, remote scanning and system hardening, finding in all cases that Linux software alone can secure a middleware environment.
The company said the test results are further evidence that open-source technologies are now setting the standards for software security.