7.6 Ensure Strong Defenses

The Internet comprises hundreds of thousands of networks that are interconnected without boundaries. In today's business environment, you will rarely find any standalone servers that cater for meaningful business needs. Network sharing and data sharing have become an essential part of any enterprise system deployment. With the advancement of the Internet and interconnected networks, network security has become essential. Part of almost every organizational network is accessible from other computers across the world and is, therefore, potentially vulnerable to threats from individuals who might not have any physical access. Oracle Linux provides a network security architecture that is based on standard industry interfaces. As security technologies evolve, application developers do not have to modify their code if they use the standardized interfaces.

Oracle Linux provides standard industry interfaces for network security such as PAM, GSS-API, SASL, and PKCS#11, eliminating any need for you to write, maintain, and optimize cryptographic algorithms. Oracle Linux provides optimized cryptographic mechanisms as part of the operating system. This cryptographic framework is the backbone of cryptographic services in Oracle Linux and provides standard PKCS #11 interfaces to accommodate consumers and providers of cryptographic services.

Consumers of cryptographic services need not have any specific knowledge of the installed cryptographic mechanisms. Similarly, providers of cryptographic services can support different types of consumers. You do not have to write consumer-specific code in the providers.