Manage your eBusiness ! Trustix is a leading provider of Internet infrastructure software and services, providing next generation solutions for software and contents provisioning and management. GoldBox The Integrated Linux Solution for Small to Mid-Sized Businesses Brief Note on Trademarks TrustixTM, GoldBoxTM, XPloyTM, XSentryTM and Manage your eBusiness!TM are trademarks of Trustix AS. Linux is a registered trademark of Linus Torvalds. IBM eServers and IBM Small Business Suite for Linux are trademarks of IBM. All other brands or product names are trademarks or registered trademarks and property of their respective holders. Table of Contents The Goldbox Concept 4 Key elements 4 IBM Small Business Suite for Linux V1.6 contains: 5 Unique and important benefits of the XSentry firewall: 5 The XPloy key benefits: 5 Services 6 Technical Consulting Services: 6 Technical Support: 6 Training 6 The Goldbox Solution 7 “Goldbox-to-Market in Europe: 8 Appendix 10 Technical specifications - hardware: 10 IBM eSeries 220 (Goldbox LAN) 10 IBM eSeries 220 (Goldbox DMZ) 10 IBM eSeries 220 (Goldbox FW) 10 Technical specifications - TSL: 10 Technical specifications - XSentry: 11 Technical specifications - XPloy System Management Solution: 12 The Goldbox Concept The Goldbox is a mainstream Linux solution for the small to mid-sized business wishing to capitalize on the Linux value proposition of high reliability and low cost as effortlessly as possible and without risking operational glitches in an established computing environment. To this end the Goldbox solution offers customers powerful small business Linux software, leading edge Server hardware and professional technical consulting services for as long as needed. Goldbox combines Linux software products from IBM and Trustix that provide all of the essential components a small business needs to operate and manage its e-business integrated on the latest Intel based servers from IBM. Trustix, IBM and regional technical consulting partners offer on going technical services to help customers maximize the immediate efficiencies they extract from their new Linux environments and to help permeate Linux across their business infrastructures. The result is a powerful, turnkey IT infrastructure solution that will be up and running with Internet Services, a Mail server, File and Print services, etc, the same day the Goldbox arrives coupled with great technical support. Almost transparently the company’s staff will find their Windows based desktops running on and taking advantage of the Goldbox Servers. Key elements The IBM Small Business Suite for Linux provides all you need to run an e-business today and tomorrow. This unique suite equips you with world class, fully-tested applications including messaging, collaboration, Web serving, and managing e-business data. IBM Small Business Suite for Linux includes the three most requested servers: database, e-mail and web serving - which are packaged with three leading web design tools all wrapped in an automated application management wrapper that installs and perpetually manages each of software component for as long as you own them, called “TrIP” – Trustix Internet resource Provisioning. Note that in some publications, TrIP has also been presented under the name TXPI. TrIP manages all aspects of the Linux software that resides on a specific computer and across an entire network of computers when working with Trustix’s system management software XPloy. TrIP manages the initial system resource evaluation of the packaged software, pre-resolving any potential conflicts that might impede the software’s installation on the target computer. TrIP manages the transport of the software package, from virtually any distribution channel or medium, and any associated support components to the target computer and performs the actual installation. TrIP continues to maintain each software package over time performing updates and upgrades. TrIP even manages the software package’s removal ensuring all of its components are removed from the system without creating a conflict for any of the remaining software packages. IBM, Trustix and other key industry constituents are working together make TrIP an industry standard infrastructure for software transport and management. IBM Small Business Suite for Linux V1.6 contains: Lotus Domino Application Server for Linux V5.0.4 Lotus Notes for Windows V5.0.4 IBM DB2 Universal Database Workgroup Edition for Linux V7.1 IBM WebSphere Application Server for Linux V3.0.2 IBM HTTP Server for Linux V1.3.12 Lotus SmartSuite for Windows IBM WebSphere Studio Entry Edition V3.0.2 Lotus Domino Designer for Windows V5.0.4 IBM WebSphere Homepage Builder for Linux V4.0 Trustix has developed and released a suite of Linux based SW applications and middleware with a clear focus on reducing the complexity of managing and securing Linux systems. The key elements are the Trustix Secure Linux server distribution, TSL, the state-of-the-art firewall, XSentry, and the unique Linux Systems Management Tool, XPloy. Unique and important benefits of the XSentry firewall: 1.Xsentry has a unique easy-to-use intuitive and cost effective user interface, reducing costs and improving network security. 2.The firewall server runs on Linux (TSL), highly regarded for its performance, security and stability. 3.Many firewall servers can be managed remotely from a single console point without compromising the security of the firewall. 4.The firewall enables secure communication (VPN) between business networks over un-trusted networks, such as the Internet. These benefits make the XSentry firewall ideal for companies with a need to introduce a high degree of security in their business networks. The XPloy key benefits: 1.XPloy has a unique easy-to-use, intuitive, scalable user interface that reduces the complexity and cost of managing Linux computing environments and services. 2.The XPloy client runs on both Linux and Microsoft Windows platforms, providing XPloy customers the flexibility needed to manage the businesses. 3.Many Linux servers can be managed remotely from one single point without compromising the security of the Linux server. 4.XPloy was developed with a modular architecture and is delivered with a large selection of modules for managing Local Area Networks, Extended Area Networks, a variety of security services and software applications. XPloy’s modular architecture makes it ease to add new modules as they become available and for customers to develop and integrate modules for managing proprietary services using the XPloy Software Development Kit. 5.XPloy dramatically extends the application management utilities of the TrIP infrastructure technology from managing a single computer to an entire network of computers. This means the installation and maintenance of the same application across multiple computers or the installation of distributed applications with specific elements targeted to specific computers. These benefits make XPloy well suited for customers who wants to deploy Linux into their business networks, but lack the necessary Linux competence in-house. Services Technical Consulting Services: Trustix, IBM and regional technical consulting partners offer on going technical services to help customers maximize the immediate efficiencies they extract from their new Linux environments and to help permeate Linux across their business infrastructures. The Service Provider partner in each local joint Goldbox program will represent such a partner. This partner should be able to provide hardware installation, Goldbox as well as related equipment, and both immediate and on-going Linux consulting services; custom software projects, XPloy and XSentry setup and general systems administration consulting. Technical Support: There are several different set-ups possible. One set-up is that support for the Goldbox solution is provided by IBM, Trustix and in some cases regional consulting services partners. IBM provides level 1 and 2 technical support for its’ server hardware and the IBM software components of the IBM Small Business Suite for Linux: Domino, DB2, Websphere and XPloy. Trustix provides level 2 technical support for XPloy and XSentry. Trustix, and in some cases regional consulting services partners provide level 3 technical support for the entire Goldbox solution. Trustix offers Goldbox customers technical support contracts with guaranteed response-times from 1 to 8 hours. A knowledgebase for all Trustix portfolio products, including the Goldbox solution, is accessible by Goldbox customers all over the world. Training Trustix has a well-established Linux technical expertise and will jointly develop and market a Linux training program with IBM, initially in Norway and soon throughout Scandinavia. The "Trustix Technical Training" program, available to Goldbox customers, is a 5 day course, offered at either the customers site or at a Trustix training facility, and includes: Basic Trustix Secure Linux (TSL) Basic internet services, running on TSL Certified XSentry firewall Operator (CXO) Certified XPloy Operator (CXPO) Successful completion of this training program results in a Goldbox Administrator Certification indicating that the recipient has the training to manage all aspects of a Goldbox solution; firewall, file/print server (LAN), DMZ-server with mail, DNS, and so on. The regional consulting services partners will also in many cases be able to offer such training. The Goldbox Solution The Goldbox solution is all about delivering a complete IT infrastructure to the Small Business market, or to the established enterprise with a decision to introduce a Linux segment in a safe and non-interruptive manner in their existing infrastructure. By combining IBM and Trustix software on IBM hardware, the Goldbox can be shipped directly to a customer, ready for use. XPloy XSentry XPloy DB2 Websphere Domino Linux OS (e.g RedHat 6.2) Websphere Linux OS (e.g. RedHat 6.2) “Goldbox-to-Market in Europe: In each country where the Goldbox push program is launched, it will typically take form of a collaboration between the local IBM Linux/Netfinity team, Trustix, a local Linux Service Provider, and a Logistics Partner. - IBM provides leading edge xSeries servers, the Small Business Suite for Linux software bundle, and Linux support contracts where relevant. - Trustix provides XSentry firewall, XPloy systems management software, and the Linux OS, all bundled and prepared in a Goldbox SW image ready for installation and preconfiguration. - The Logistics Partner, typically a Value Adding Distributor, will integrate the HW and SW components and to a certain degree preconfigure the Goldbox solution, and as well include the small business suite where relevant. The complete Goldbox solution is then offered through the reseller network of the Logistics Partner. IBM and Trustix will use sales resource helping to create demand at the reseller and end-customer level. - The Service Provider will deliver initial installation and roll-out services where necessary, Linux professional consulting services, remote administration services, Linux support contracts, etc. Key features and benefits of this joint co-operation are: 1.Customers can purchase a mainstream Linux solution, effortlessly and without risking operational glitches in an established computing environment. 2.Customers have access to traditional mainstream technical support channels from IBM and Trustix. 3.Customers have access to professional consulting services from the Service Provider or from resellers with Linux competence in the Logistics Partner’s network. This offering will help maximize the immediate efficiencies of the customer’s new Linux environments and to help permeate Linux across their infrastructures 4.Bringing the Goldbox to market through the IBM, Trustix , Service Provider and Logistics Partner sales channels. 5.Joint IBM, Trustix marketing and promotion programs. 6.Key step in a worldwide IBM / Trustix strategic partnership. a.A Wider European roll-out (UK, Germany, France) planned for Sep-Oct b.A U.S. roll-out expected before Oct. Appendix Technical specifications - hardware: IBM eSeries 220 (Goldbox LAN) Dual Pentium 933MHz 256MB ECC SDRAM 18.2GB Ultra160 SCSI HDD 12/24GB DDS/3 4mm Internal Tape Drive PCI Wide Ultra 160 SCSI Adapter PCI 10/100Mbit network interface card IBM eSeries 220 (Goldbox DMZ) Pentium 933MHz 256MB ECC SDRAM 18.2GB Ultra160 SCSI HDD 12/24GB DDS/3 4mm Internal Tape Drive PCI Wide Ultra 160 SCSI Adapter PCI 10/100Mbit network interface card IBM eSeries 220 (Goldbox FW) Pentium 933MHz 256MB ECC SDRAM 18.2GB Ultra160 SCSI HDD 12/24GB DDS/3 4mm Internal Tape Drive PCI Wide Ultra 160 SCSI Adapter 3 PCI 10/100Mbit network interface card Technical specifications - TSL: TSL is an Open Source server oriented Linux distribution with heavy emphasis on security and performance. TSL was specifically developed for Internet services and applications, i.e. web servers, mail servers, file servers and DNS servers. Linux kernel 2.2.19 (TSL 1.5) VPN Support IPSEC and X.509 Apache web server (managed by XPloy) SSL / SSH PHP Postfix (mail server) (managed by XPloy) SIMAP and SPOP Samba (managed by XPloy) Improved LBA support Improved RAID support Improved hardware detection LDAP BIND 8 DNS server (managed by XPloy) OpenBSD FTP server (managed by XPloy) PostgreSQL database engine NFS (managed by XPloy) NIS (managed by XPloy) Features: Anti-Spam No Services running by default Long password WAP Safe default configurations Mail filtering SWUP software upgrade package installer Technical specifications - XSentry: The XSentry Firewall is a premium solution for network security administration and provides a high performance, stable and secure firewall with a low total cost of ownership. The XSentry Firewall allows the customer to remotely administrate several firewalls from a single point administration client. The XSentry Firewall consists of: The XSentry Firewall Administration Client with a unique graphical interface for security administration. The XSentry Firewall Server with an integrated, secured and tailored firewall operating system, the Trustix Secure Linux. The Administration Client enables rapid and secure graphical modelling of network entities, and communicates in a secure way with the XSentry Firewall Server. Features: 3 Zones Port forwarding IPsec compliant VPN Remote administration of multiple XSentry Firewalls Network Address Translation (masquerading Multiple language support Technical Information: Packet filtering (IP chains) Linux kernel 2.2.17 FreeS/WAN 1.5 (VPN, IPSec) System Requirements Firewall Server: Intel Pentium 90 MHz or higher 32 MB RAM 1GB hard drive or more (SCSI recommended) IDE CD ROM 3 PCI network interface cards Performance: The performance mainly depends on the hardware specifications. Tested on an Intel Celeron 333 MHz and 128MB RAM using Intel EtherExpress Pro 100 network interface cards, the XSentry Firewall gave a loss than 5% on network performance. Technical specifications - XPloy System Management Solution: XPloy is the essential mainstream System Management Solution for Linux System Administrators addressing the overall cost of ownership of their IT infrastructure. The power and ease of using XPloy enables companies with just rudimentary Linux expertise and experience to take full advantage of the reliability and stability of Linux OS. With XPloy you can manage your servers anytime, from anywhere, securely including from a remote Internet connected console. The XPloy client module can run on a Linux or a Windows platform. Preferred distributions for XPloy clients are: RedHat 6.2, Mandrake 7.x and SuSE 6.4, 7.0 and Windows NT / 2000 and 9x. XPloy is very scalable, and you can manage thousands of Linux servers from a single XPloy GUI. The communications between the administration client and the Linux servers is strongly encrypted using SSL. Features: User administration Samba file/print administration Apache web administration Mail administration (Postfix or Sendmail) DHCP administration DNS administration Web proxy administration (Squid) Host Configuration administration NIS administration Software administration Services administration Securifier (port monitoring) Technical requirements for Linux servers managed by XPloy: Intel Pentium (150 MHz or higher) 64MB of RAM, more memory improves performance Minimum “available” hard-disk for typical installation is 150MB Recommended Linux distributions: TSL, RedHat 6.2, Mandrake 7.x, SuSE 6.4, 7.0 Trustix AS Trondheim, Norway June, 2001