Trusted Extensions Configuration and Administration, Oracle Solaris 11.1 Information Library
After the Trusted Extensions software is enabled and the system is rebooted, the following security features are in place. Many features are configurable by the security administrator.
An Oracle label_encodings file is installed and configured.
A trusted desktop, Solaris Trusted Extensions (GNOME), creates a labeled windowing environment that provides administrative workspaces in the global zone. These workspaces are protected by the Trusted Path, visible in the trusted stripe.
As in the Oracle Solaris OS, rights profiles for roles are defined, and root is the only defined role.
To use additional roles to administer Trusted Extensions, you must create the roles. During configuration, you create the Security Administrator role.
Three Trusted Extensions network databases, tnrhdb, tnrhtp, and tnzonecfg, are added. The tncfg command enables administrators to view and modify these trusted databases.
Trusted Extensions provides GUIs to administer the system. For a full list, see Chapter 7, Trusted Extensions Administration Tools.
The txzonemgr script enables administrators to configure Trusted Extensions zones and networking. For more information, see the txzonemgr(1M) man page.
The Device Manager manages the allocation and labeling of attached devices.