Core Security Principles
MiniCluster is a secure cloud infrastructure platform for application and database consolidation that delivers dedicated compute infrastructure as a service (IaaS) based cloud services. Built as a multi-purpose engineered system, MiniCluster combines the computing power of Oracle’s SPARC S7 processor, the efficient virtualization capabilities of SPARC Solaris, and the optimized database performance of Oracle database integrated with dedicated storage. In addition, a 10 GbE network allows clients to access services running on MiniCluster. A second 10 GbE network provides the conduit through which communication occurs between the VM environment on the SPARC S7 servers and hosted applications.
The SPARC S7 processor features always-on hardware-assisted cryptographic functionality. This functionality helps MiniCluster–hosted entities protect information with high-performance data protection at rest, in use, and in transit. The processor also features the Silicon Secured Memory capability, which detects and prevents attacks related to memory data corruption and memory scraping, thereby ensuring the integrity of application data.
MiniCluster is preconfigured with over 250 out-of-the-box security controls that reduce the attack surface of the system by performing these actions:
-
Disabling services, ports, and protocols that are not absolutely necessary.
-
Configuring the exposed services to accept only trusted connections.
The system supports a variety of configuration and deployment options. This figure illustrates a typical deployment that consolidates Oracle Database and applications workloads.
