Oracle® Solaris 11.2 Security Compliance Guide

Exit Print View

Updated: July 2014

Compliance Measurement

To measure security compliance, hereafter called compliance, requires a security benchmark or profile, a measurement of compliance to that benchmark, called an assessment, and then a report of the findings. The report can also be printed in guide form for training or archiving purposes.

    Oracle Solaris provides scripts that measure two security profiles in the Solaris benchmark.

  • The Baseline profile of the Solaris benchmark closely matches the default SBD installation of Oracle Solaris.

  • The Solaris Recommended profile satisfies organizations with stricter security requirements than the Baseline profile.

    These profiles nest. Systems that comply with the Recommended profile comply with the Baseline profile.

The PCI DSS benchmark measures your system's compliance to the PCI DSS standard. Because PCI DSS requirements do not have direct code links, you must examine the report for compliance. For more information, see Meeting PCI DSS Compliance with Oracle Solaris 11.