SunScreen 3.2 Administrator's Overview

Software and Hardware Requirements

The table below lists the installation requirements for SunScreen 3.2.

Table 1-1 SunScreen 3.2 Installation Requirements

Requirement 

Description 

Operating environment 

  • Solaris 2.6, Solaris 7, Solaris 8 (with IPv4 only) in either 32-bit or 64-bit mode for SPARC and the Intel platform editions

  • Trusted Solaris 8 (SPARC systems only)

Browsers supported:  

  • A Java(TM)-enabled Web browser compliant with JDK(TM), Release 1.1.3 or later

  • HotJava(TM) 1.1 running on the SPARC and Solaris Intel platform editions

  • Internet Explorer 4.0 (with or without the Java plug-in) on the Windows platform

  • Netscape 4.0.1 or higher, which can be used for all administrative functions except those requiring local file access. (See below for system requirements for Internet Explorer and Netscape to run Java plug-ins.)

Hardware 

  • All SPARCstation(TM) workstations, UltraSPARC, and Intel systems supported by Solaris 2.6, Solaris 7, and Solaris 8 operating environments

  • All SPARCstations and UltraSPARC systems supported by Trusted Solaris 8

Disk space 

Minimum of 1 Gbyte (with at least 300 Mbytes unused). This space is needed for the following:

  • configuration database = /etc/sunscreen = 10 MB [Can grow larger over the course of hundreds of policy or configuration changes]

  • logs and temporary files = /var/sunscreen = 120 MB [Can grow larger if the SunScreen log size parameter is increased from its default of 100 MB]

  • internal files = /usr/lib/sunscreen = 50 MB

  • man pages = /usr/share/man = 1 MB

Memory 

  • For administration software installation: a minimum of 32 Mbytes is required and 64 Mbytes is strongly recommended.

  • For Screen-only software installation: a minimum of 32 Mbytes.

Network interfaces supported 

For the Screen: [The Screen can support up to 15 stealth interfaces at one time. Stealth configurations do not support ATM, FDDI, token ring, or the use of proxies. SunScreen HA in routing mode does not support FDDI, token ring, ATM, Gigabit Ethernet, or failover of IKE-based IPsec connections.]

  1. For SPARC and UltraSPARC systems in routing mode:

    • 10-Mbps or 100-Mbps Ethernet interfaces (le, qe, hme, be, qfe, pnet)

    • Gigabit Ethernet (ge) interfaces

    • Token Ring interfaces (trp)

    • ATM (155 and 622 Mbps) in LAN emulation mode (lane) or classic IP mode (ba)

    • FDDI (nf), or PCI-based Ethernet cards

  2. For SPARC and UltraSPARC systems in stealth mode: 10-Mbps, 100-Mbps, Fast Ethernet, or Gigabit Ethernet interfaces

  3. For Intel-based systems: 10 Mbps or 100 Mbps Ethernet interfaces (dnet, elxl)

  4. High availability requires that the two machines be connected by means of a non-switching hub. [Some switches, including Alteon, Radware's Fireproof, and Foundry's ServerIron, can be configured to work with SunScreen HA clusters. Each Screen is set up as an individual Screen, with different IP addresses, and no interconnect. You can use as many Screens as the switch supports. Note that because SunScreen is a stateful firewall, TCP connections do not fail over.]

For the Administration Station: [A remote Administration Station can connect directly to a Screen only through an Ethernet local area network (LAN) or a fiber distributed data interface (FDDI).]

  1. For SPARC systems: 10-Mbps or 100-Mbps Ethernet interfaces (le, qe, hme, be, qfe), or FDDI, or PCI-based Ethernet cards.

    An Administration Station can connect to the Screen by an asynchronous transfer mode (ATM) or Token Ring LAN, but only after it is connected directly to the network by way of an Ethernet or FDDI connection first.

  2. For Solaris Intel Edition systems: 10-Mbps or 100-Mbps Ethernet interfaces (dnet, elxl).

Media 

CD-ROM drive (and a diskette drive, if you are using certain types of CA-issued certificates). 

SunScreen includes HotJava 1.1, SunScreen SKIP for Solaris, and IKE software.


Note -

To read the SunScreen documentation from the administration GUI, you must have the Adobe Acrobat Reader plug-in installed on your system.



Note -

Because of a limitation in SunScreen SKIP 1.5.1 for Solaris, the RC2 encryption algorithm is not available when running Solaris 7 or 8 in 64-bit mode.


Required Patches

See the SunScreen 3.2 Installation Guide for a list of required patches.

Java Plug-In Software

With Java plug-in software, applets using Java technology on your Web pages can use the Java Runtime Environment (JRE) instead of the browser's default runtime. Java plug-in software is available for Microsoft Windows and Sun Solaris-based browsers.

Java plug-in software system requirements:

Java plug-in software is available at no charge at the following URL: http://java.sun.com/products/plugin/1.1.2/index-1.1.2.html

See Appendix A, "Using the Command Line," in the SunScreen 3.2 Administration Guide for instructions on how to install the plug-in software.