If you are installing a non-networked system, you can skip this step.
For help in planning network hardware, see "Planning Your TCP/IP Network" in System Administration Guide, Volume 3.
As in any client-server network, you need to identify hosts by their function (server or client) and configure the software appropriately. The following table lists servers you may need to create and their function. For more information, see System Administration Guide: Basic Administration.
Table 1-2 Possible Servers in a Trusted Solaris Environment
Server |
Function |
---|---|
Audit data server |
Enable auditing |
Audit administration server |
Analyze the audit trail |
File server |
Centrally locate files for general use |
Install server |
Install over the network or use Custom JumpStart scripts |
DNS server |
Resolve internet names and addresses outside your local network |
Home directory server |
Enable remote mounting of users' home directories. Required in a name service environment. |
Mail server |
Funnel mail to end user hosts from a central location |
Network gateway |
Operate an open network |
Name Service Servers |
Establish a NIS or NIS+ domain |
Print server |
Print hard copy |
To plan the system administration aspects of servers, see the administration guides in the Solaris 8 System Administrator Collection including:
System Administration Guide, Volume 1
System Administration Guide, Volume 2
If your network is open to other networks, you need to specify accessible domains and hosts, and identify which Trusted Solaris hosts will serve as gateways to access them. You need to identify the Trusted Solaris accreditation range for these gateways, and the sensitivity label at which data from other hosts may be viewed. Trusted Solaris software recognizes four labeled host types, including a Trusted Solaris host type (sun_tsol), and provides eleven templates by default, as shown in Table 1-3. The unlabeled template names correspond to the label names in the demo label_encodings(4) file installed from the Trusted Solaris CD.
Table 1-3 Templates Provided with Trusted Solaris Network Software
|
Host Type |
Template Name |
Purpose |
---|---|---|---|
Unlabeled |
admin_low |
For initial boot, before the host is configured with Trusted Solaris software. |
|
|
|
unclassified |
For hosts or networks that send unlabeled packets, for example, Sun systems running Solaris software. |
|
|
confidential |
|
|
|
secret |
|
|
|
top_secret |
|
Labeled |
|
|
|
|
Trusted Solaris (sun_tsol) |
tsol |
For Trusted Solaris 2.5.1, 7, and 8 hosts or networks. |
|
tsol_ripso |
For Trusted Solaris 2.5.1, 7, and 8 hosts or networks that label packets with the RIPSO security option. |
|
|
|
tsol_cipso |
For Trusted Solaris 2.5.1, 7, and 8 hosts or networks that label packets with the CIPSO security option. |
|
TSIX |
tsix |
For TSIX(RE1.1) hosts or networks. |
|
CIPSO |
cipso |
For hosts or networks that send CIPSO packets. |
|
RIPSO |
ripso_top_secret |
For hosts or networks that send RIPSO Top Secret packets. |
The tnrhtp(4) man page gives complete descriptions of each host type with several examples.