Skip Navigation Links | |
Exit Print View | |
Oracle VM Server for SPARC 3.0 Security Guide Oracle VM Server for SPARC |
1. Oracle VM Server for SPARC Security Overview
2. Secure Installation and Configuration of Oracle VM Server for SPARC
3. Oracle VM Server for SPARC Security Features
Perform the following tasks after you install the Oracle VM Server for SPARC software to maximize secure usage:
Configure the control domain with the required virtual I/O services, such as the virtual switch, virtual disk server, and virtual console concentrator services. See Chapter 4, Setting Up Services and the Control Domain, in Oracle VM Server for SPARC 3.0 Administration Guide.
Configure guest domains. See Chapter 5, Setting Up Guest Domains, in Oracle VM Server for SPARC 3.0 Administration Guide.
You can use a virtual switch to configure guest domains by means of an administrative network and a production network. In this case, a virtual switch is created by using the production network interface as the virtual switch network device. See “Counter Measure #13: Dedicated Management Network” in Secure Deployment of Oracle VM Server for SPARC.
The security of a guest domain becomes compromised when any of its virtual disks are compromised. So, ensure that virtual disks (network-attached storage, locally stored disk image files, or physical disks) are stored in a secure location.
The vntsd daemon is disabled by default. When this daemon is enabled, any user who is logged in to the control domain is permitted to connect to a guest domain's console. To prevent this type of access, ensure that the vntsd daemon is disabled, or use RBAC to limit console connectivity access only to sanctioned users.
The service processor (SP) is configured securely by default. For information about using the Integrated Lights Out Management (ILOM) software to manage the SP, see the documentation for your platform at http://www.oracle.com/technetwork/documentation/sparc-tseries-servers-252697.html.