Accessing Oracle SuperCluster M6-32 Security Resources
Security Information for SuperCluster Components
Understanding Oracle SuperCluster M6-32 Security Guidelines
Understanding Hardware Security Guidelines
Network Security Considerations
Understanding Oracle SuperCluster M6-32 Security Settings and Services
Changing Passwords on Default User Accounts
Change Passwords on Default Accounts
Default User Accounts and Passwords
Change the Exadata Storage Server Passwords
Change the Ethernet Switch Password
Default TCP/IP Ports and Services
Keeping Oracle SuperCluster M6-32 Secure
Managing SuperCluster Security
Oracle ILOM for Secure Management
Oracle Identity Management Suite
Oracle Enterprise Manager Ops Center (Optional)
Workload Monitoring and Auditing
Database Activity Monitoring and Auditing
All of the security principles that are outlined in the SPARC M6-32 Servers Security Guide apply to the SPARC M6-32 servers in SuperCluster. This security guide is available at: http://www.oracle.com/goto/M6-32/docs
A physical domain (PDomain) operates like an independent server that has full hardware isolation from other PDomains in the server. A hardware or software failure on one PDomain does not affect the other PDomains on a server.
You can divide the server into two or four PDomains, depending on your application requirements. For example, you can divide the server into four PDomains, each running its own applications.
|
By default, the SPARC M6-32 OBP is not password-protected. You can enhance the security of the SPARC M6-32 by restricting access to the OBP by performing these actions:
Implement password protection.
Check for failed OBP logins.
Provide an OBP power-on banner.
The Oracle system firmware that runs on the SPARC M6-32 servers uses a controlled update process to prevent unauthorized modifications. Only the superuser or an authenticated user with proper authorization can use the update process.
WAN boot supports varying levels of security. You can use a combination of the security features that are supported in WAN boot to meet the needs of your network. A more secure configuration requires more administration, but also protects your system data to a greater extent.
For the Oracle Solaris 10 OS, refer to the information on securing WAN boot installation configuration in Oracle Solaris Installation Guide: Network-Based Installations at: http://docs.oracle.com/cd/E26505_01
For the Oracle Solaris 11 OS, refer to Securing the Network in Oracle Solaris 11 available at: http://www.oracle.com/goto/Solaris11/docs