The Solaris OS version that is used to build the Portal Service on Application Server Cluster reference configuration is Solaris 10 8/07. However, the architecture and implementation is expected to be supported by later versions of the Solaris 10 operating system.
For maximum security of your portal service, use a minimized version of the Solaris 10 OS. Most implementations of the reference configuration portal service will be exposed to the Internet or some other public or untrusted network, which makes minimization especially important. If your portal service will be exposed to these conditions, you must reduce the Solaris OS installation to the minimum number of packages that are required to support the portal service components. This minimization of services, libraries, and component software increases security by reducing the number of subsystems that must be disabled, patched, and maintained.
Minimization increases the security of the computer systems, but it also limits the software that you can run on the computer systems. Therefore, you need to use the appropriate minimal configuration for your environment. Minimizing the operating system you use for a portal service involves the following:
Minimizing the Solaris OS on the computers that will be running the portal service components.
Hardening the Solaris OS on the computers that will be running the portal service components. Sun provides the Solaris Security Toolkit, which hardens a system by changing the system parameters, disabling any unused services, and providing a quick way to audit the system. The Toolkit is based on the field experience of security experts.
The operating systems that were used in testing the reference configuration described in this guide were installed with the minimal number of Solaris packages required to run the Java Enterprise System components, as described in the Platform Requirements and Issues in Sun Java Enterprise System 5 Release Notes for UNIX. Most of the required packages are included in the "Core System Solaris Software Group (SUNWCreq)." The additional packages needed are:
SUNWadmc
SUNWadmfr
SUNWadmfw
SUNWpl5u
SUNWxcu4
SUNWxcu6
SUNWctpls
SUNWmfrun
SUNWxwfnt
SUNWxwise
SUNWxwplr
SUNWxwplt
SUNWxwrtl