Tresys Brickwall Security Suite allows Linux administrators to take advantage of the power of Security Enhanced Linux (SELinux) without having to learn the SELinux policy language. Through the Tresys Brickwall Security Suite, you can customize the SELinux policy to create firewalls around each application on a machine. Access to network resources can be controlled at the individual process level. This insures that a vulnerability exploited in one application does not compromise the rest of the system.

The Tresys Brickwall Security Suite is available in three editions: Standard Edition which is available as a free download; Professional Edition which extends the management capabilities on a single machine; and Enterprise Edition which provides the ability to manage multiple groups of systems across a network.

Tresys Brickwall Standard Edition Features:
Support for standard RHEL targets that cover many widely-used network-based applications.
Control network resource access by interface, host/IP address, and/or port for each application.
Security options management that allows you to modify many of the powerful SELinux policy items with simple on/off check boxes.
Configuration management controls that allow you to rollback to the default or previously used policies and import and export policies for backup or dissemination throughout the network.
Intuitive, easy-to-use GUI.
Available as a free download.

Tresys Brickwall Professional Edition Features:
Includes all features of the Tresys Brickwall Standard Edition.
Provides additional targets beyond the standard RHEL targets (ftp, ssh, and others).
Allows you to easily add access to specific files to applications.
Allows you to create custom targets for new applications with no knowledge of the SELinux policy language.
Information about the Tresys Brickwall Enterprise Edition is available on our other ISV page or at our website.