Great Solaris Security recommendations by Glenn Brunette
By user12611852 on Jan 07, 2008
- Solaris has had its auditing facility in place since Solaris 2.3, but I can't even begin to count how often I talk with people who do not know that it exists. (I frequently get this question)
- Zones are IMHO one of the most significant security features in the Solaris 10 OS. Kernel and most user-land forms of root kits are essentially rendered non-effective when running your applications in a sparse-root non-global zone. (I even recommend to customer when only running one application on a box to run it in a local zone for enhanced security.)
- For those wanting something a little more advanced, you can use RBAC to implement a two-person (or four-eyes) access control scenario. (An excellent recommendation for security conscious DoD customers
He also points you to a number of learning resources on Solaris:
- Solaris 10 Security Home Page
- Solaris 10 Security Learning Center
- Solaris 10 Security Best Practices
- Solaris Security Library
- Solaris Security Presentations
- OpenSolaris Security Community
- Sun Blogs (tagged Solaris + Security)
Why should you care?
You chose Solaris because of its stellar reputation for security. Don't be "living in the 90s." Take the time to learn the new features of Solaris 10 so that you can build and maintain a more robust and secure infrastructure for your organization.