Securing the Network in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014

About Link Protection

With the increasing adoption of virtualization in system configurations, guest virtual machines (VMs) can be given exclusive access to a physical or virtual link by the host administrator. This configuration improves network performance by allowing the virtual environment's network traffic to be isolated from the wider traffic that is received or sent by the host system. At the same time, this configuration can expose the system and the entire network to the risk of harmful packets that a guest environment might generate.

    Link protection aims to prevent the damage that can be caused by potentially malicious guest VMs to the network. The feature offers protection from the following basic threats:

  • IP, DHCP, and MAC spoofing

  • L2 frame spoofing such as Bridge Protocol Data Unit (BPDU) attacks

Note - Link protection does not replace the deployment of a firewall, particularly for configurations with complex filtering requirements.