Solaris Security - Yenra

New security solutions to protect computer networks against cyber threats

Sun

Sun Microsystems today announced new security solutions and technologies to address the growing tide of costly network security threats. The new offerings include features of the next-generation Solaris Operating System, Sun Managed Security Services, a Reference Solution for building secure global government computing networks and advanced features for the Sun Crypto Accelerator 4000 board.

"Dealing with security breaches is costing businesses and government more every year," said Scott McNealy, chairman, president and CEO of Sun Microsystems, Inc. "With the Java security model; Solaris, the gold standard for defense agency-grade operating systems; Java Card technology for secure smart card authentication; and the world-class Sun Java System Identity Server, we're delivering the industry's leading end-to-end strategy and architecture for trusted network computing."

Sun today announced advances in Solaris 10 technology that provide next-generation functionality for the Solaris Operating System. New advances include N1 Grid Containers, predictive self-healing technologies and important security enhancements. The security features, along with Sun's stateful packet filtering technology, help strengthen the already robust Solaris and Trusted Solaris OS, the only commercial operating system to be certified against the highest combination of assurance levels and protection profiles. The new security features include:

Process Rights Management - which limits access of processes and applications to system resources, allowing access and use to only the system resources that they need to get specific jobs done. This new feature also prevents a hacked application from corrupting the entire system.

Solaris Cryptographic Framework - a single framework for easier administration and common utilization of cryptographic routines in Solaris. The framework implements highly optimized crypto algorithms in the Solaris Operating System and is based on de facto PKCS #11 standard for compatibility with existing applications. This includes a unique load balancing capability to transparently access hardware accelerators and software crypto routines.

Minimized Install - a new option for installing the Solaris Operating System with no network services enabled and smaller disk usage. This feature works in conjunction with the free Solaris Security Toolkit for creating a security-hardened Solaris platform running just the services a customer needs.

IP Filter - based on the popular open source IP Filter firewall. This technology is integrated and supported in the Solaris 10 Operating System to provide a way to conduct stateful screening of network traffic in and out of the server, a workgroup of servers or a whole enterprise network. This allows customers to select which services on the network they can access as well as provide protection from potential hackers. Sun and VeriSign Provide Enterprises with Proactive Security Management to Deliver Early Warning, Incident Prevention and Response Services

Sun and VeriSign today announced a strategic alliance to deliver comprehensive, integrated network security solutions through the new Sun Managed Security Services (SMSS) offering. Expanding the Sun Managed Services portfolio, SMSS includes vulnerability assessment and around-the-clock management and security threat monitoring, leveraging VeriSign Intelligence and Control Services for Network Security.

"Through the Sun/VeriSign alliance, we can now bring to more enterprises Managed Security Services that allow them to see threats not just inside their corporate walls, but across the Internet as well," said Stratton Sclavos, chairman and CEO of VeriSign, Inc.

SMSS can be deployed as a standalone security solution or as a component of a comprehensive multisourcing strategy, giving the customer more choice and control over the solution than offerings from other vendors. It is the only integrated MSS offering that is SunTone certified, a mark of excellence in IT operations and management. SMSS will be available globally in February 2004 as a fixed-priced subscription service available in one- to three-year terms.

Sun also announced today a new Sun Reference Solution for Secure Network Access Platform, designed to provide highly secure, stable and efficient network configurations. This new solution is based on best practices from Sun customers such as the U.S. Department of Defense Joint Intelligence Center Pacific (JICPAC), which provided the business and technical requirements necessary to create the solution for role-based network access and secure collaboration.

The new Reference Solution for Secure Network Access Platform can provide immediate reductions in acquisition costs through the consolidation of multiple PC clients into a single Sun Ray client, and through improved end-user operations efficiencies in their secure information day-to-day workflow. On average, customers are able to replace up to six PC clients with a single Sun Ray client and network connection. This can substantially reduce the acquisition cost for new users and the long-term total cost of ownership.

Sun also announced today an important upgrade to its Sun Crypto Accelerator 4000 board that makes it more open and flexible for customers. Announced last year, the Sun Crypto Accelerator 4000 board is a hardware cryptography device that offloads security functions (both SSL and IPsec) from the system processor. As a result, customers do not need to purchase additional compute capacity to handle secure transactions. The Sun Crypto Accelerator 4000 board can execute up to 4300 SSL transactions per second, delivering 10 times faster processing performance compared to encryption executed using only software. The upgrade allows customers to configure the accelerator for either more security bandwidth or for more system resources, depending on their needs.