Tuesday Sep 18, 2012

New Solaris 11 book available

A new Solaris 11 book is now available.  Congratulations to my colleague in the Oracle Public Sector Hardware sales organization "Dr. Cloud" Harry Foxwell and his co-writers on publishing Oracle Solaris 11 System Administration The Complete Reference

Table of contents

1 The Basics of Solaris 11
2 Prepare a System for Solaris
3 Installation Options
4 Alternative Installations for Enterprise
5 The Solaris Graphical Desktop Environment
6 The Service Management Facility
7 Solaris Package Management "Image Packaging System"
8 Solaris at the Command Line
9 File systems and ZFS
10 Customize the Solaris Shells
11 Users and Groups HF
12 Solaris 11 Security
13 Basic System Performance Tuning
14 Solaris Virtualization
15 Print Management
16 DNS and DHCP
17 Mail Services
18 Mgmt of Trusted Extensions
19 The Network File System
20 The FTP Server
21 Solaris and Samba

22 Apache and the Web Stack

Buy one today

Tuesday Sep 11, 2012

Oracle SPARC SuperCluster and US DoD Security guidelines

I've worked in the past to help our government customers understand how best to secure Solaris.  For my customer base that means complying with Security Technical Implementation Guides (STIGs) from the Defense Information Systems Agency (DISA).  I recently worked with a team to apply both the Solaris and Oracle 11gR2 database STIGs to a SPARC SuperCluster.  The results have been published in an Oracle White paper.

The SPARC SuperCluster is a highly available, high performance platform that incorporates:

  • SPARC T4-4 servers
  • Exadata Storage Servers and software
  • ZFS Storage appliance
  • InfiniBand interconnect
  • Flash Cache 
  • Oracle Solaris 11
  • Oracle VM for SPARC
  • Oracle Database 11gR2

It is targeted towards large, mission critical database, middleware and general purpose workloads. 

Using the Oracle Solution Center we configured a SSC applied DoD security guidance and confirmed functionality and performance of the system.  The white paper reviews our findings and includes a number of security recommendations.  In addition, customers can contact me for the itemized spreadsheets with our detailed STIG reports.

Some notes:

  • There is no DISA STIG  documentation for Solaris 11.  Oracle is working to help DISA create one using their new process. As a result, our report follows the Solaris 10 STIG document and applies it to Solaris 11 where applicable.
  • In my conversations over the years with DISA Field Security Office they have repeatedly told me, "The absence of a DISA written STIG should not prevent a product from being used.  Customer may apply vendor or industry security recommendations to receive accreditation."

Thanks to the core team: Kevin Rohan, Gary Jensen and Rich Qualls as well as the staff of the Oracle Solution Center and Glenn Brunette for their help in creating the document.  You should also review SPARC SuperCluster T4-4 Platform Security Principles and Capabilities by Glenn and others in Oracle's Enterprise Solution Group.

About

Jim Laurent is an Oracle Sales consultant based in Reston, Virginia. He supports US DoD customers as part of the North American Public Sector hardware organization. With over 17 years experience at Sun and Oracle, he specializes in Solaris and server technologies. Prior to Oracle, Jim worked 11 years for Gould Computer Systems (later known as Encore).

Search

Archives
« September 2012 »
SunMonTueWedThuFriSat
      
1
2
3
4
5
6
7
8
9
10
12
13
14
15
16
17
19
20
21
22
23
24
25
26
27
28
29
30
      
Today