This section contains information about specific security mechanisms offered by Oracle Solaris Cluster.
A secure installation uses the following critical security features:
Role-Based Access Control (RBAC) – Use the RBAC authorizations of solaris.cluster.modify, solaris.cluster.admin, and solaris.cluster.read to access the cluster. You must become an administrator who is assigned the User Security rights profile to change most of the security attributes of a role. For more information, see Managing the Use of Rights in Securing Users and Processes in Oracle Solaris 11.3 and Oracle Solaris Cluster RBAC Rights Profiles in Oracle Solaris Cluster 4.3 System Administration Guide .
New Nodes – Use the claccess command or clsetup utility with privileges to add a node to a cluster. For more information, see Chapter 8, Administering Cluster Nodes, in Oracle Solaris Cluster 4.3 System Administration Guide .
The default setting for access status is claccess deny-all. You should change this only when you want to perform a privileged operation, such as adding a new node. You should restore the deny-all status when you are finished. If you expect to make frequent changes to cluster configurations, you can ensure maximum trust for new systems by selecting a more secure authentication protocol using the /usr/cluster/bin/claccess -p protocol=authentication-protocol command. For more information, see the claccess(1CL) man page and Chapter 10, Configuring Network Services Authentication, in Managing Kerberos and Other Authentication Services in Oracle Solaris 11.3 .
Trusted Extensions – The Oracle Solaris Trusted Extensions feature can be enabled for use in a zone cluster. For more information, see Guidelines for Trusted Extensions in a Zone Cluster in Oracle Solaris Cluster 4.3 Software Installation Guide and How to Install and Configure Trusted Extensions in Oracle Solaris Cluster 4.3 Software Installation Guide .
Zone Clusters – A zone cluster is composed of one or more non-global zones of the solaris brand, the solaris10 brand, or the labeled brand set with the cluster attribute. A labeled brand zone cluster is only for use with the Trusted Extensions feature of Oracle Solaris software.
You create a zone cluster by using the clzonecluster command or the clsetup utility. You can run supported services on the zone cluster similar to a global cluster, with the isolation that is provided by Oracle Solaris zones. For more information, see Creating and Configuring a Zone Cluster in Oracle Solaris Cluster 4.3 Software Installation Guide and Working With a Zone Cluster in Oracle Solaris Cluster 4.3 System Administration Guide .
Secure Connections to Cluster Consoles – You must establish secure shell connections to the consoles of the cluster nodes. For more information about the pconsole utility, see How to Connect Securely to Cluster Consoles in Oracle Solaris Cluster 4.3 System Administration Guide .
Common Agent Container – The Oracle Solaris Cluster Manager GUI uses strong encryption techniques to ensure secure communication between the Oracle Solaris Cluster management stacks on each cluster node. For more information, see Troubleshooting Oracle Solaris Cluster Manager in Oracle Solaris Cluster 4.3 System Administration Guide .
Logging – Oracle Solaris Cluster software uses the syslogd command to record error and status messages. Ensure that you set up the /etc/syslog.conf file to control where the messages are stored. You should also securely protect the log files, such as the /var/adm/messages file. For more information, see Administering the Cluster in Oracle Solaris Cluster 4.3 System Administration Guide .
Auditing – Oracle Solaris Cluster is enabled by default, as it is in the Oracle Solaris OS. Auditing stores all executed commands in the /var/cluster/logs/commandlog file, and you should set the protections on the file as appropriate. For more information, see How to View the Contents of Oracle Solaris Cluster Command Logs in Oracle Solaris Cluster 4.3 System Administration Guide .
Oracle Solaris OS Hardening – Oracle Solaris Cluster uses security hardening techniques to reconfigure the Oracle Solaris OS into a hardened state. Additionally, it can activate the Oracle Solaris system audit.