Additional Planning for Open Networks
If your network is open to other networks, you need to specify accessible domains and workstations, and identify which Trusted Solaris hosts will serve as gateways to access them. You need to identify the Trusted Solaris accreditation range for these gateways, and the sensitivity label at which data from other hosts may be viewed. Trusted Solaris software recognizes five labeled host types, including Trusted Solaris (sun_tsol), and provides eight templates by default, as shown in the following table.
Table 1-2 Templates Provided with Trusted Solaris Network Software|
Host Type |
Template Name |
Purpose |
|
|---|---|---|---|
|
Unlabeled |
unlab |
For hosts or networks that send unlabeled packets, for example, SUN workstations running Solaris software |
|
|
Labeled |
|
|
|
|
|
Trusted Solaris 2.5.1 (sun_tsol) |
tsol |
For Trusted Solaris 2.5.1 hosts or networks |
|
|
tsol_1 |
For TS2.5.1 and 7 hosts or networks that label packets with the RIPSO security option |
|
|
|
|
tsol_2 |
For TS2.5.1 and 7 hosts or networks that label packets with the CIPSO security option |
|
|
TSIX |
tsix |
For TSIX(RE1.1) hosts or networks |
|
|
MSIX |
msix |
For hosts or networks that run Trusted Solaris 1.2 software |
|
|
CIPSO |
cipso |
For hosts or networks that send CIPSO packets |
|
|
RIPSO |
ripso |
For hosts or networks that send RIPSO packets |
The tnrhtp(4) man page gives complete descriptions of each host type with several examples.
For more information on the security administration of servers, file systems, and network interfaces, see Trusted Solaris Administrator's Procedures.
- © 2010, Oracle Corporation and/or its affiliates