SRSS 4.1 on Solaris 10 5/09 With Trusted Extensions

Here's a detailed installation log for a simple SRSS 4.1, SRWC 2.1 on the latest release of Solaris 10 5/09 with Trusted Extensions.  Download a zip file with everything you need here.  After downloading & unzipping, you'll find the detailed installation & configuration instructions in this file: srss4.1-on-s10u7-tx-install-log.txt.

The installation is based on this example topology:

Comments:

Good example of SRSS and TX. Another example that I use personally is to setup the SRSS as part of a shared network and remote in via VPN using a DTU laptop (Accutech, General Dynamics Meteor, etc) and cellular connection. Besides the VPN, remote users access is further limited by the fact that the token on their smartcard is recognized by the SRSS not the DTU token. This reduces the chance for compromise should the DTU be stolen. The DTU also has a password. Once on the shared network (using an all-zones interface) the users can use SRWC to remote to other single level Windows networks using TX gateways that restrict access to the one level. My current setup has a Public zone that allows local (TX thick and thin client) and remote (thin clients only) users access to the Internet while isolating data at other levels, Internal Use Only, Need To Know, and Restricted. Need To Know and Restricted have several compartments each. This of course is not for government secrets but it does allow restricted access depending on the users credentials and assigned levels of access. This comes in handy when you don't want your data traveling with you on a laptop, iPhone, usb drive or other device that stores data. There are many other advantages to this and tied in with SGD makes for a pretty good arrangement when data isolation and auditing are important. Now if we can only get people to use TX outside of the government.Love your blog keep up the good work.

Posted by David Gaines on June 08, 2009 at 09:30 AM PDT #

Thanks for the kind note, David. Appreciate you taking the time to write up an excellent, non-gov't example of using TX.

Posted by madhatter on June 08, 2009 at 11:49 AM PDT #

hallo as my name appear above am a clients using the solaris 10 in mycompany.but the problem is that in my selver when u switch on mysun server its takes to long to open it what is the problems of that?

Posted by benjamin nkila on July 20, 2009 at 07:34 PM PDT #

Post a Comment:
Comments are closed for this entry.
About

Think Thin is a collection of bloggers that work with Oracle's Virtual Desktop portfolio of products.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today