The Oracle Solaris 11.3 Information Library has been updated with new information about security, zones, and SPARC. If you do not see “July 2017” in the upper right corner of the library page, reload the browser page.
Security Recommendations: Quick Reference
Oracle Solaris security recommendations have been consolidated into an appendix for easy reference. Topics include security policy, physical security, software security, personnel security, common security violations, and administrative best practices. See “Site Security Policy and Enforcement” in Oracle Solaris 11 Security and Hardening Guidelines.
Oracle Solaris Kerberos V5 Protocol Based on Current MIT Kerberos
Oracle Solaris continues to embrace open standards by incorporating the latest version of the Kerberos V5 network authentication protocol from the Massachusetts Institute of Technology (MIT) into this release, thereby taking advantage of the general community's security and performance enhancements. The IPS package names are different, but this new version of Kerberos is binary compatible with the earlier 'SEAM' version of Kerberos. For transition information, see “Introduction to MIT Kerberos on Oracle Solaris” in Managing Kerberos and Other Authentication Services in Oracle Solaris 11.3.
Replacing Missing or Corrupted CA Certificates
Missing or corrupted certificates from a Certificate Authority (CA) can cause access and authentication problems for applications. Oracle Solaris now has a cryptographic keystore where you can replace corrupted certificates by following the instructions in “Adding CA Certificates to the Oracle Solaris CA Keystore” in Managing Encryption and Certificates in Oracle Solaris 11.3.
Immutable zones can be administered by temporarily changing the immutable zone to be writable, making your changes, and returning the immutable zone to read-only. Or, you can leave the zone immutable and access and modify administrative files through the Trusted Path. See “Configuring and Administering Immutable Zones” in Creating and Using Oracle Solaris Zones.
The Oracle Solaris 11.3 operating system is now qualified on the Fujitsu SPARC M12 platform. This platform adds new cryptographic algorithms and accelerates them in the hardware. See Fujitsu SPARC M12 Servers.
For more Oracle Solaris 11.3 documentation updates, see Do You Use Local IPS Package Repositories?