System News for Sun Users - The Blog

Mandatory Access Control and the Solaris OS

President and COO of Sun Microsystems Federal Bill Vass writes about developments at Sun in the area of enforcing Mandatory Access Control (MAC) with virtualization to confine Internet services with simple security configurations using the Solaris OS. Featured in the blog are the remarks of senior Sun researchers John Weeks and John Totah that explain how, in addition to enforcing MAC provisions, they also layered the MAC protection with what users ordinarily expect from employing all of the other Solaris security features combined with virtualization, eg. zones, and Internet community sponsored configuration guidelines such as the Center for Internet Security (CIS) benchmarks.

(Get More Information . .)

Learn More About the Open Source Continuous Integration Server

Hudson is an open source continuous integration (CI) server, initially developed by Sun, that brings a new level of efficiency and productivity to collaborative software development. By automating the build-and-test process, Hudson saves time, cuts errors and risks, and brings a higher level of transparency to projects. This paper describes the capabilities of Hudson, compares Hudson’s key features to those of competitive offerings, and summarizes why Hudson has quickly become the industry’s most widely adopted open source CI server.

(Get More Information . .)

On Amazon EC2’s Cloud Computing Service

There is a new release of hardened OpenSolaris 2008.11 AMI on Amazon EC2’s cloud computing service. It contains Drupal AMI with AMP stack. Installed and pre-configured on this publicly available AMI are Drupal v6.10, Apache v2.2, MySQL v5.0, and PHP v5.2. In his introduction of this release, Sun Distinguished Engineer and Chief Security Architect Glenn Brunette offers two points: 1) no security-relevant changes were necessary to Drupal; and 2) MySQL was modified to not listen on the network for connections.

(Get More Information . .)

Adds Encrypted Swap Memory and Auditing

Hardened OpenSolaris 2009.06 on Amazon EC2’s cloud computing service is now available with the new features: encrypted swap memory and auditing. This release is a 32-bit AMI optimized for Amazon EC2’s cloud computing environment. The hardening guidance for the OpenSolaris system configuration is based upon the work conducted by Sun and the Center for Internet Security (CIS). This project is affiliated with the Immutable Service Container project whose goal is to develop security reinforced virtual machine images.

(Get More Information . .)

Sun CIS Officer Leslie Lambert Shares Her Expertise

Corporate Information Security (CIS) officers currently face the daunting task of making their networks both accessible to those requiring access and inaccessible to those with no business to conduct. Sun CIS Officer Leslie Lambert offers some suggestions on how to find the right balance between access and denial.

(Get More Information . .)

Power, Security of OpenSolaris Optimized for Amazon EC2’s Cloud Computing

Hardened OpenSolaris 2008.11 on Amazon EC2’s cloud computing service is a 32-bit AMI optimized for Amazon EC2’s cloud computing environment. The hardening guidance for the OpenSolaris system configuration is based upon the work conducted by Sun and the Center for Internet Security (CIS) which was initially done for the Solaris 10 Operating System.

(Get More Information . .)