sunrise.uk.com Enquiry formContact Us
Sunrise
    
Sunrise  Products & Solutions

Products & Solutions



  Products & Solutions

   HPC Servers
   High-End Servers
   Midrange Servers
   Netra Servers
   Workgroup Servers
   Workstation
   Sun Storage
   Desktop Towers
   Rack Mount
   RAID
   E-Series RAID
   Economy RAID
   JBOD
   NAS
   SAN
   Tape Backup
   PCI Cards
   Sun Refurbished
   Sun Parts
   Image Gallery
   Software

  Support & Services

  Rental Services

  Datasheets/Downloads

  FAQ

  Glossary

  Contact Sunrise

  About Sunrise

Sunrise offers New and Refurbished Sun branded products and solutions. For further information and quotation of products displayed on our web site, please drop an eamil to sales@sunrise.uk.com







 
Feature
Function
Benefit
Solaris[tm] Secure Shell
New in 9
Secure Shell is a multi-platform replacement for the traditional rsh, rlogin, rcp, and telnet commands. This integration increases security within the enterprise by assuring that interactive sessions with the Solaris OE are encrypted and strongly authenticated. Secure Shell allows for strong authentication of both the client and server machines as well as userids. It provides a secure method for system access including a lightweight VPN.
Allows for enhanced security through encryption of sensitive sessions.
IPSec & IKE
New in 9
IPSec is the encryption of IP traffic and a key technology on VPNs. Internet Key Exchange (IKE) automates key management for IPSec. IKE replaces manual key assignment and refreshment on an IPv4 network. The Solaris 9 OE now ships with 128-bit encryption by default.
IPSec increases security between both servers and communication channels so that only authorized parties can communicate with them. IKE simplifies the set-up and management of large numbers of secure networks.
Kerberos v5 Server
New in 9
Kerberos is a standards-based solution to secure single sign-on for both applications and operating systems. Kerberos v5 server includes the principal administration system, the Key Distribution Center, and the principal database replication system. In the Solaris 9 OE, the Kerberos V Key Distribution Center and kerberos-ready client software (including telnet, rlogin, rsh, and rcp) can be configured at install time and administered through a convenient graphical user interface.
Improved system security with single sign-on for applications and systems. Bundles functionality previously available in a separate product, Sun Enterprise Authentication Mechanism[tm] software (SEAM). It is standards based so it interoperates with MIT Kerberos and Microsoft's Active Directory, simplifying deployment across heterogeneous environments and increasing interoperability.
SunScreen[tm] 3.2 Firewall
New in 9
Sun's highly scalable and feature rich enterprise class firewall is included with the Solaris 9 OE. Some of the key features are:
  • Stateful packet filter
  • Configurable as a Stealth and Routing mode firewall
  • Standalone IPSec/IKE
  • Centralized management facility
  • Failover functionality (HA)
  • Proxy Services for telnet, ftp, http and smtp with TrendMicro Anti-Virus scan
  • Network Address Translation
    		•
    The integrated firewall provides both host-based and network-based access control capabilities. There is no need to purchase an additional firewall product resulting in cost savings.
    Pluggable Authentication Modules (PAM) Enhancements
    New in 9
    The PAM framework has been changed to consist of more modular, smaller shared object files. The PAM API has not been changed. Isolation from naming services is greater. Specifically, the framework has been enhanced to allow customers to concentrate on developing their own solution without needing to manipulate many of the naming service and authentication details.
    Customers or developers now have the flexibility to write their own Pluggable Authentication Modules to enhance and control logins to the Solaris OE. Examples of such enhancements are dictionary checking of passwords, password history, etc.
    Random Number Generator
    New in 9
    Integration of /dev/random into the Solaris OE for both kernel and user based applications. This implementation also hides details of hardware verses software based random number generators. The utility is provided for both kernel-level and traditional user-level applications.
    Since the strength of encryption and security is dependent on the quality of the random number generator, this feature significantly improves randomness of numbers generated resulting in improved security.
    Secure LDAP
    New in 9
    The Solaris LDAP client has been enhanced to support SSL and DIGEST-MD5 encryption. Secure LDAP allows the naming of objects and secure access to the naming service. It provides a flexible attribute mapping schema, and is architected for complete password management support via the directory server.
    Provides better security over previous releases. Passwords are no longer exchanged on systems in the clear.
    System Minimization
    New in 9
    Operating system components are now divided into finer-grain packages. Sensitive utilities such as telnet and FTP are installed as their own packages and can be easily removed without impacting the rest of the Solaris OE.
    Provides greater flexibility in removing packages with security implications, resulting in easier implementation of a secure environment.
    Extended File Attributes
    New in 9
    Allows arbitrary data tags to be associated with files and system objects.
    Enables new security and other functionality to be added to files.
    TCP Wrappers
    New in 9
    TCP Wrappers capitalizes on the client-server relationship necessary for most TCP/IP applications by inserting itself into the middle of the relationship. Using its access control feature to authenticate hosts, it acts as the server until - using its access control feature - it authenticates the client/host. The well known TCP Wrapper application is fully integrated into the Solaris 9 Operating Environment.
    It provides an extremely effective method for monitoring and filtering incoming network requests for network services such as systat, finger, FTP, Telnet, rlogin, rsh, and more.
    Thread Safe BSM
    New in 9
    The Base Security Module (BSM) supports the creation of audit trails for kernel events in the Solaris 9 Operating Environment. Previously a single-threaded application, the Solaris 9 platform provides a multithreaded version of the audit daemon. The audit files can be used for billing, intrusion detection, or system usage reports. The Solaris Operating Environment auditing is fully supported in both the C and Java[tm] programming languages, and works well with the Solaris Management Console.
    Performance improvements versus previous versions of Solaris software are expected to be significant depending on exactly what is being audited.
    Enhanced Buffer Overflow Exploit Protection (Disable Stack Execution)
    New in 9
    The Solaris 9 Operating Environment reduces system vulnerabilities by preventing malicious code from executing and accessing other information on the stack. It provides the ability to prevent executable code from being written onto the stack and then executing it, typically using the return address that is also on the stack.
    Security is enhanced since it is much less likely to use a stack-based buffer overflow to run code on the stack and gain root access.
    Extensible Password Encryption
    Coming Soon
    Password encryption, normally supplied by 'crypt', can now be replaced by a user-supplied module.
    This is important where government or industry regulations require strong encryption for password storage.
    Role-based Access Control (RBAC)
    RBAC enables assigning rights to perform specific operations. RBAC separates system authority and controls the delegation of privileged operations to individual users. This allows individual, trusted users to assume a higher privilege for performing limited administration functions, and can be used to partition root privileges among a group of administrators.
    Minimizes the chance that any user will go beyond their realm of expertise and inadvertently - or intentionally- make a change that results in a system failure or breach of security.
    Generic Security Services Application Programming Interface (GSS-API)
    GSS-API is a security framework that enables applications to protect the data they transmit.
    Provides authentication, integrity and confidentiality services to applications. Security administrators can use this technology to protect a computer desktop or individual application by requiring users to authenticate themselves by means of a smart card.
    Smart Card Support
    The Solaris Smart Card feature implements the Open Card Framework (OCF) 1.1 standard.
    Provides authentication, integrity and confidentiality services to applications. Security administrators can use this technology to protect a computer desktop or individual application by requiring users to authenticate themselves by means of a smart card.



    © Copyright 2003 Sunrise Computer Maintenance Ltd.

    All SPARC® trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries.
    Products bearing SPARC trademarks are based on an architecture developed by Sun Microsystems, Inc.