TOS stands for 'trusted operating system.' It can also be used to protect servers that are providing DNS, as well as file servers, database servers, proxy servers and mail servers. TOS can protect any static files, including whole directories, drives, Windows registries and, of course, web pages.
It also has an anti-kill function that can prevent the termination of important services, processes and daemons. TOS also prevents some hacks that aim to bring down the server by exploiting operating system bugs and bad web-application programming. TOS is available for servers running Windows XP/2000/ NT4, Linux, Sun Solaris, HP-UX, AIX, Tru64 and Unixware.
As far as securing the operating system is concerned, TOS enables you to protect the administrator account with two-factor authentication. With TOS, even authenticated super users cannot delete audit trails. TOS utilizes digital signature authentication technology hooked into the kernel of the operating system. This security kernel sets the limits to the system manager's authority to prevent even hackers with super-user (root or administrator) privileges from accessing the file system. Only the user with the digital signature key is allowed access to the system.
The agent software is installed on each server to be protected, while the manager software enables you to manage centrally all TOS agents on multiple servers by placing them in groups. You cannot deploy the agent software remotely but, once installed, security policy may be configured, updated and distributed remotely using TOS Manager.
TOS audits accesses to all system resources and can report these by file type, time, user, terminals and tasks - both successful and failed access attempts are logged.
There is a special FTP client that runs under Windows, whatever operating system TOS is running under. This client forces remote users to be authenticated by digital certificate technology. The FTP client also supports true two-factor authentication via an option to use a smartcard. Similarly, there is a Windows-based Telnet client that supports authentication via digital certificates. Together these two special clients allow remote maintenance to be carried out securely on protected web servers.