Solaris 11 compliance with DISA Security guidance

Disclaimer

This article should not be construed as a statement of compliance by Oracle or by DISA.  It is simply the result of a casual review of Solaris 11 against current DISA Security Guidelines

Some of my dedicated readers (I know you're out there) remember that back in Janauary of this year, I reviewed Solaris 11 for compliance to the DISA Security Technical Implementation Guidelines (STIGs).  The STIGs are written by DISA and used by the DoD community to ensure that systems are secured properly before connecting to the network.

With the release of Solaris 11 in November, I decided to update the document. 

Update: Thanks to Darren Moffat's comments I've updated the document as of 12/9/11. 

Download the PDF document to review

The great news is that the one item that I listed as RED in January has been fixed in the release of Solaris 11.  At that time, the installation scripts did not provide any way for /var to be mounted as a separate file systems as required by the scripts.  The default installation now automatically sets of /var as a separate ZFS data set.

Comments:

Nice write up, and I'm glad you pointed out the various mistakes in the SRR scripts, I go thru this every year with the auditors, who generally don't seem to have any sysadmin experience so trying to explain how the scripts are wrong and that yes my system is configured correctly per the checklist gets really frustrating.

Posted by guest on December 21, 2011 at 04:28 AM EST #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Jim Laurent is an Oracle Sales consultant based in Reston, Virginia. He supports US DoD customers as part of the North American Public Sector hardware organization. With over 17 years experience at Sun and Oracle, he specializes in Solaris and server technologies. Prior to Oracle, Jim worked 11 years for Gould Computer Systems (later known as Encore).

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today