MiniCluster is configured as a highly secure engineered system from the factory by default, and provides these security features:
Preconfigured with fully automated security controls for all virtual machines (VMs).
Encryption is enabled by default, ensuring secure data in rest and in transit.
VMs are automatically configured with a hardened and minimized OS with host-based firewalls. You can use the BUI to change firewall rules and use the BUI or the CLI to verify the rules.
Access control requires role based access with least privileges.
All VMs use encrypted ZFS storage.
Centralized key management facility, using PKCS#11, and support for FIPS.
Comprehensive audit policy with centralized audit logs.
The system and all of the VMs are configured to use PCI-DSS, CIS Equivalent, or DISA-STIG security profile.
Compliance dashboard that supports easy-to-run compliance benchmarks.
Immediately after the MiniCluster installation, the security administrator should perform these two required tasks:
Change the Oracle ILOM root password. See Change the Default Oracle ILOM root Passwords.
Review the security information in this guide to understand and verify the MiniCluster security features.