After the Trusted Extensions software is enabled and the system is rebooted, the following security features are in place, in addition to the Oracle Solaris security features.
A label_encodings file is enabled and enforcing MAC.
Three Trusted Extensions network databases, tnrhdb, tnrhtp, and tnzonecfg are added. The tncfg command enables administrators to view and modify these trusted databases.
Trusted Extensions provides the txzonemgr utility to simplify the configuration and administration labeled zones.
Devices must be allocated for use.
For information about managing devices, see Managing Device Allocation in Securing Systems and Attached Devices in Oracle Solaris 11.4. For device labeling details, see the device_allocate(5) man page. The zone field specifies the currently allocated label and the label_range field is the available set of labels.
All zones are protected by labels and all users must have clearances.