Go to main content

Oracle® VM Server for SPARC 3.6 Administration Guide

Exit Print View

Updated: September 2019
 
 

Security for Migration Operations

    Oracle VM Server for SPARC provides the following security features for migration operations:

  • Authentication. Because the migration operation executes on two machines, a user must be authenticated on both the source and target machines in some cases. In particular, a user other than superuser must use the LDoms Management rights profile. However, if you perform a migration with SSL certificates, users are not required to be authenticated on both the target and source machines and you cannot specify another user.

    The ldm migrate-domain command permits you to optionally specify an alternate user name for authentication on the target machine. If this alternate user name is not specified, the user name of the user who is executing the migration command is used. See Example 61, Migrating and Renaming a Guest Domain. In either case, the user is prompted for a password for the target machine, unless the –p option is used to initiate a non-interactive migration. See Performing Non-Interactive Migrations.

  • Encryption. Oracle VM Server for SPARC uses SSL to encrypt migration traffic to protect sensitive data from exploitation and to eliminate the requirement for additional hardware and dedicated networks.

  • FIPS 140-2. You can configure your system to perform domain migrations to use the Oracle Solaris FIPS 140-2 certified OpenSSL libraries. See FIPS 140-2 Mode for Domain Migration.