If you are installing a non-networked workstation, you can skip this step.
For help in planning network hardware, see "Planning Your TCP/IP Network" in System Administration Guide, Volume 3.
As in any client-server network, you need to identify hosts by their function (server or client) and configure the software appropriately. The following table lists servers you may need to create and their function. For more information, see System Administration Guide: Basic Administration.
Table 1-2 Possible Servers in a Trusted Solaris Environment
Create ... |
If You Plan to ... |
---|---|
Audit data server |
Enable auditing |
Audit administration server |
Analyze the audit trail |
File server |
Centrally locate files for general use |
Install server |
Install over the network or use Custom JumpStart scripts |
DNS server |
Resolve internet names and addresses outside your local network |
Home directory server |
Enable remote mounting of users' home directories. Required in a name service environment. |
Mail server |
Funnel mail to end user workstations from a central location |
Network gateway |
Operate an Failed Cross Reference Format |
Name Service Servers |
Establish a NIS or NIS+ domain |
Print server |
Print hard copy |
To plan the system administration aspects of servers, see the administration guides in the Solaris 8 System Administrator Collection including:
System Administration Guide, Volume 1
System Administration Guide, Volume 2
If your network is open to other networks, you need to specify accessible domains and workstations, and identify which Trusted Solaris hosts will serve as gateways to access them. You need to identify the Trusted Solaris accreditation range for these gateways, and the sensitivity label at which data from other hosts may be viewed. Trusted Solaris software recognizes four labeled host types, including Trusted Solaris (sun_tsol), and provides eleven templates by default, as shown in Table 1-3. The unlabeled template names correspond to the label names in the demo label_encodings(4) file installed from the Trusted Solaris CD.
Table 1-3 Templates Provided with Trusted Solaris Network Software
Host Type |
Template Name |
Purpose |
|
---|---|---|---|
|
Unlabeled |
admin_low |
For initial boot, before the host is configured with Trusted Solaris software. |
|
|
unclassified |
For hosts or networks that send unlabeled packets, for example, SUN workstations running Solaris software. |
|
|
confidential |
|
|
|
secret |
|
|
|
top_secret |
|
Labeled |
|
|
|
|
Trusted Solaris (sun_tsol) |
tsol |
For Trusted Solaris 2.5.1, 7, and 8 hosts or networks. |
|
tsol_ripso |
For Trusted Solaris 2.5.1, 7, and 8 hosts or networks that label packets with the RIPSO security option. |
|
|
|
tsol_cipso |
For Trusted Solaris 2.5.1, 7, and 8 hosts or networks that label packets with the CIPSO security option. |
|
TSIX |
tsix |
For TSIX(RE1.1) hosts or networks. |
|
CIPSO |
cipso |
For hosts or networks that send CIPSO packets. |
|
RIPSO |
ripso_top_secret |
For hosts or networks that send RIPSO Top Secret packets. |
The tnrhtp(4) man page gives complete descriptions of each host type with several examples.