Oracle SPARC SuperCluster and US DoD Security guidelines
Posted
by user12611852
on Oracle Blogs
See other posts from Oracle Blogs
or by user12611852
Published on Tue, 11 Sep 2012 16:56:55 +0000
Indexed on
2012/09/12
21:45 UTC
Read the original article
Hit count: 368
/Sun
I've worked in the past to help our government customers understand how best to secure Solaris. For my customer base that means complying with Security Technical Implementation Guides (STIGs) from the Defense Information Systems Agency (DISA). I recently worked with a team to apply both the Solaris and Oracle 11gR2 database STIGs to a SPARC SuperCluster. The results have been published in an Oracle White paper.
The SPARC SuperCluster is a highly available, high performance platform that incorporates:
- SPARC T4-4 servers
- Exadata Storage Servers and software
- ZFS Storage appliance
- InfiniBand interconnect
- Flash Cache
- Oracle Solaris 11
- Oracle VM for SPARC
- Oracle Database 11gR2
It is targeted towards large, mission critical database, middleware and general purpose workloads.
Using the Oracle Solution Center we configured a SSC applied DoD security guidance and confirmed functionality and performance of the system. The white paper reviews our findings and includes a number of security recommendations. In addition, customers can contact me for the itemized spreadsheets with our detailed STIG reports.
Some notes:
- There is no DISA STIG documentation for Solaris 11. Oracle is working to help DISA create one using their new process. As a result, our report follows the Solaris 10 STIG document and applies it to Solaris 11 where applicable.
- In my conversations over the years with DISA Field Security Office they have repeatedly told me, "The absence of a DISA written STIG should not prevent a product from being used. Customer may apply vendor or industry security recommendations to receive accreditation."
Thanks to the core team: Kevin Rohan, Gary Jensen and Rich Qualls as well as the staff of the Oracle Solution Center and Glenn Brunette for their help in creating the document.
© Oracle Blogs or respective owner