Chapter 1 Oracle VM Server for SPARC Security Overview
Chapter 2 Secure Installation and Configuration of Oracle VM Server for SPARC
Perform the following tasks after you install the Oracle VM Server for SPARC software to maximize secure usage:
Configure the control domain with the required virtual I/O services such as the virtual switch, virtual disk server, and virtual console concentrator services. See Chapter 4, Setting Up Services and the Control Domain, in Oracle VM Server for SPARC 3.1 Administration Guide .
Configure guest domains. See Chapter 5, Setting Up Guest Domains, in Oracle VM Server for SPARC 3.1 Administration Guide .
You can use a virtual switch to configure guest domains by means of an administrative network and a production network. In this case, a virtual switch is created by using the production network interface as the virtual switch network device. See Countermeasure: Configuring a Dedicated Management Network.
The security of a guest domain becomes compromised when any of its virtual disks are compromised. So, ensure that virtual disks (network-attached storage, locally stored disk image files, or physical disks) are stored in a secure location.
The vntsd daemon is disabled by default. When this daemon is enabled, any user who is logged in to the control domain is permitted to connect to a guest domain's console. To prevent this type of access, ensure that the vntsd daemon is disabled, or use rights to limit console connectivity access only to sanctioned users.
The service processor (SP) is configured securely by default. For information about using the Integrated Lights Out Management (ILOM) software to manage the SP, see the documentation for your platform at http://www.oracle.com/technetwork/documentation/sparc-tseries-servers-252697.html.