So, let me re-phrase the question. What significant difference is there (if any) between RH8/9 outfitted compltetly open-source and RH secure server? Is secure server *NOT* open source. Can RH8/9 serve as a secure enterprise server system just as well as secure server? Is the fundamental difference the level of support?
Security is not a binary, yes-or-no thing; it is a spectrum where you can have more or less security (with tradeoffs in convenience and cost, among other factors). You can make a Red Hat server, using only the open-source packages supplied with the distro, a pretty secure choice. There are, additionally, packages to help you increase security such as Bastille Linux. So no, I don't think there is any real difference between a "normal" and "secure" Red Hat server other than careful configuration.
Alternately, there are other options for you. The NSA and HP both offer heavily-hardened products, and Trustix is a Linux OS very focused on security. These and many others are available for your consideration.
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx
-- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/psyche-list
