Home > Articles > Operating Systems, Server > Solaris

  • Print
  • + Share This
Like this article? We recommend

Securing the Sun Fire SC

In order to effectively secure an SC, changes are required for both the Solaris OE software running on the SC and the configuration of the Sun Fire 15K platform. To simplify the Solaris OE installation and deployment of these recommendations, customized modules have been added to the Solaris_ Security Toolkit software to automate the implementation of these recommendations. These new modules are available in version 0.3.2 of the Solaris Security Toolkit software.

Solaris Security Toolkit Software

The primary function of the Solaris Security Toolkit software (Toolkit) is to automate and simplify building secured Solaris OE systems based on the recommendations contained in this and the other security-related Sun BluePrints OnLine articles. In the context of this article, a module has been developed specifically to harden Sun Fire 15K SCs.

The Toolkit focuses on Solaris OE security modifications to harden and minimize a system. Hardening is the modification of Solaris OE configurations to improve the security of the system. Minimization is the removal of unnecessary Solaris OE packages from the system which reduces the number of components that have to be patched and made secure. Reducing the number of components can potentially reduce entry points to an intruder. However, minimization is not addressed, recommended, or supported on Sun Fire 15K SCs at this time.

The Sun Fire 15K SC module of the Solaris Security Toolkit software version 0.3.2, called sunfire_15k_sc-secure.driver, exclusively performs hardening tasks. No minimization of the Solaris OE is performed.

NOTE

Note – Configuration modifications for performance enhancements and software configuration are not addressed by the Toolkit.

The Toolkit was designed to be capable of hardening systems during installation; this is achieved by using the JumpStart_ technology as a mechanism for running the Toolkit scripts. Additionally, the Toolkit can also be run outside the JumpStart framework in a standalone mode. This standalone mode allows the Toolkit to be used on systems that require security modifications or updates but cannot be taken out of service to reinstall the OS from scratch.

The Sun Fire 15K SC module of the Toolkit can be used in either standalone or JumpStart mode to secure an SC. The module automates the hardening recommendations made in this article.

The latest version of the Solaris Security Toolkit is available from:

http://www.sun.com/security/jass
  • + Share This
  • 🔖 Save To Your Account