Sun Microsystems said its Solaris 10 operating system will be ready for general release by year's end, complete...
with a sharper set of security teeth.
Paul Sangster, senior Solaris security architect for the Santa Clara, Calif.-based company, touted Solaris 10's security improvements during a roundtable discussion at Sun's Burlington, Mass., offices Monday, saying, "Security touches everything we do, and in designing Solaris 10 we made the assumption that the Web server is sloppy" and in need of extra layers of protection.
He said those extra layers include:
- N1 grid container technology
- Extensive cryptographic services
- Stronger user rights management
- A stronger IP filter
"I expect IT administrators will greatly appreciate the N1 grid container zone feature and the user rights management privilege feature," Sangster said. "These features enable (them) to much more tightly protect their services, even in the face of an attacker exploiting a known hole in some third-party software that was deployed but not yet patched. The combination of these features will greatly limit the potential damage to the system down to the contents of a single zone and greatly restrict which, if any, resource can be affected. It also allows customers to run intrusion detection software on the end system, which attackers can't detect or tamper with."
He said the N1 grid container technology will allow users to create up to 4,000 secure, fault-isolated software partitions, each with its own IP address, memory space, file area, host name and root password.
Solaris 10 has been in development for two and a half years, and has slowly been made available to customers in recent months. Glenn Weinberg, vice president of Sun's operating platforms group, called Solaris 10 "our most significant release yet." He said the source code is more compatible with other platforms from Sun and from third parties, including SPARC, AMD64 and x86. He added that Linux applications can run unmodified on Solaris.
Weinberg added that the capabilities in Trusted Solaris have been folded into Solaris 10. "Trusted Solaris has been used in government but has been separate from the standard Solaris," he said. "We started this integration with Solaris 8, and Solaris 10 completes the move."
James Dobson, system architect for Dartmouth College in Hanover, N.H., talked about the success the institution's psychology department has had in using a version of Solaris 10. Pointing to the operating system's improved interoperability, Dobson said, "We use multiple applications and platforms and Solaris 10 is working smoothly with all of these. We've had zero problems."
More details on Solaris 10 can be found on the company's Web site.
Dig Deeper on Alternative OS security: Mac, Linux, Unix, etc.