Oracle SPARC SuperCluster and US DoD Security guidelines

Posted by user12611852 on Oracle Blogs See other posts from Oracle Blogs or by user12611852
Published on Tue, 11 Sep 2012 16:56:55 +0000 Indexed on 2012/09/12 21:45 UTC
Read the original article Hit count: 368

Filed under:

I've worked in the past to help our government customers understand how best to secure Solaris.  For my customer base that means complying with Security Technical Implementation Guides (STIGs) from the Defense Information Systems Agency (DISA).  I recently worked with a team to apply both the Solaris and Oracle 11gR2 database STIGs to a SPARC SuperCluster.  The results have been published in an Oracle White paper.

The SPARC SuperCluster is a highly available, high performance platform that incorporates:

  • SPARC T4-4 servers
  • Exadata Storage Servers and software
  • ZFS Storage appliance
  • InfiniBand interconnect
  • Flash Cache 
  • Oracle Solaris 11
  • Oracle VM for SPARC
  • Oracle Database 11gR2

It is targeted towards large, mission critical database, middleware and general purpose workloads. 

Using the Oracle Solution Center we configured a SSC applied DoD security guidance and confirmed functionality and performance of the system.  The white paper reviews our findings and includes a number of security recommendations.  In addition, customers can contact me for the itemized spreadsheets with our detailed STIG reports.

Some notes:

  • There is no DISA STIG  documentation for Solaris 11.  Oracle is working to help DISA create one using their new process. As a result, our report follows the Solaris 10 STIG document and applies it to Solaris 11 where applicable.
  • In my conversations over the years with DISA Field Security Office they have repeatedly told me, "The absence of a DISA written STIG should not prevent a product from being used.  Customer may apply vendor or industry security recommendations to receive accreditation."

Thanks to the core team: Kevin Rohan, Gary Jensen and Rich Qualls as well as the staff of the Oracle Solution Center and Glenn Brunette for their help in creating the document.

© Oracle Blogs or respective owner

Related posts about /Sun