Document Information
Preface
Part I Initial Configuration of Trusted Extensions
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Solaris Trusted Extensions Software to the Solaris OS (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
Part II Administration of Trusted Extensions
7. Trusted Extensions Administration Concepts
8. Trusted Extensions Administration Tools
9. Getting Started as a Trusted Extensions Administrator (Tasks)
10. Security Requirements on a Trusted Extensions System (Overview)
11. Administering Security Requirements in Trusted Extensions (Tasks)
12. Users, Rights, and Roles in Trusted Extensions (Overview)
13. Managing Users, Rights, and Roles in Trusted Extensions (Tasks)
14. Remote Administration in Trusted Extensions (Tasks)
15. Trusted Extensions and LDAP (Overview)
16. Managing Zones in Trusted Extensions (Tasks)
17. Managing and Mounting Files in Trusted Extensions (Tasks)
18. Trusted Networking (Overview)
19. Managing Networks in Trusted Extensions (Tasks)
20. Multilevel Mail in Trusted Extensions (Overview)
21. Managing Labeled Printing (Tasks)
22. Devices in Trusted Extensions (Overview)
23. Managing Devices for Trusted Extensions (Tasks)
24. Trusted Extensions Auditing (Overview)
25. Software Management in Trusted Extensions (Tasks)
A. Site Security Policy
Creating and Managing a Security Policy
Site Security Policy and Trusted Extensions
Computer Security Recommendations
Physical Security Recommendations
Personnel Security Recommendations
Common Security Violations
Additional Security References
B. Using CDE Actions to Install Zones in Trusted Extensions
Associating Network Interfaces With Zones by Using CDE Actions (Task Map)
Preparing to Create Zones by Using CDE Actions (Task Map)
Creating Labeled Zones by Using CDE Actions (Task Map)
C. Configuration Checklist for Trusted Extensions
Checklist for Configuring Trusted Extensions
D. Quick Reference to Trusted Extensions Administration
Administrative Interfaces in Trusted Extensions
Solaris Interfaces Extended by Trusted Extensions
Tighter Security Defaults in Trusted Extensions
Limited Options in Trusted Extensions
E. List of Trusted Extensions Man Pages
Trusted Extensions Man Pages in Alphabetical Order
Solaris Man Pages That Are Modified by Trusted Extensions
Glossary
Index
|
I
- icon visibility
- in the File Manager, Trusted Processes in the Window System
- in the Workspace Menu, Trusted Processes in the Window System
- IDLECMD keyword, changing default, How to Modify policy.conf Defaults
- IDLETIME keyword, changing default, How to Modify policy.conf Defaults
- ifconfig command
- Command Line Tools in Trusted Extensions
- Network Commands in Trusted Extensions
- importing, software, Adding Software to Trusted Extensions
- initial setup team, checklist for configuring Trusted Extensions, Checklist for Configuring Trusted Extensions
- Initialize Zone for LDAP action
- Trusted CDE Actions
- Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
- initializing
- Solaris Management Console, Initialize the Solaris Management Console Server in Trusted Extensions
- zones for LDAP, Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
- zones, Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
- Install Zone action
- Trusted CDE Actions
- Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
- troubleshooting, Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
- installation menu
- Create a new zone
- Name and Label the Zone
- Copy or Clone a Zone in Trusted Extensions
- Zone Console, Boot the Labeled Zone
- installing
- label_encodings file, Check and Install Your Label Encodings File
- Solaris OS for Trusted Extensions, Adding Solaris Trusted Extensions Software to the Solaris OS (Tasks)
- Sun Java System Directory Server, Configuring the Sun Java System Directory Server on a Trusted Extensions System
- zones
- Install the Labeled Zone
- Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
- interfaces
- assigning to security template, How to Assign a Security Template to a Host or a Group of Hosts
- verifying they are up, How to Verify That a Host's Interfaces Are Up
- internationalizing, See localizing
- interoperability, Trusted Solaris 8 and printing, Interoperability of Trusted Extensions With Trusted Solaris 8 Printing
- IP addresses
- fallback mechanism in tnrhdb, Trusted Network Fallback Mechanism
- in tnrhdb database, Configuring Trusted Network Databases (Task Map)
- in tnrhdb file, Configuring Trusted Network Databases (Task Map)
- IPv6
- entry in /etc/system file, Enable IPv6 Networking in Trusted Extensions
- troubleshooting, Enable IPv6 Networking in Trusted Extensions
J
K
L
- label audit token, label Token
- label_encodings file
- action for editing and checking, Trusted CDE Actions
- checking, Check and Install Your Label Encodings File
- contents, Label Encodings File
- installing, Check and Install Your Label Encodings File
- localizing, For International Customers of Trusted Extensions
- modifying, Check and Install Your Label Encodings File
- reference for labeled printing, Labeled Printer Output
- source of accreditation ranges, Label Encodings File
- label ranges
- restricting printer label range, How to Configure a Restricted Label Range for a Printer
- setting on frame buffers, Effects of Label Range on a Device
- setting on printers, Effects of Label Range on a Device
- labeld service, Enable Solaris Trusted Extensions
- disabling, How to Remove Trusted Extensions From the System
- troubleshooting, Enable Solaris Trusted Extensions
- labeled printing
- banner pages, Labeled Banner and Trailer Pages
- body pages, Labeled Body Pages
- PostScript files, How to Enable Users to Print PostScript Files in Trusted Extensions
- removing label, How to Create a Rights Profile for Convenient Authorizations
- removing PostScript restriction, How to Create a Rights Profile for Convenient Authorizations
- without banner page
- How to Create a Rights Profile for Convenient Authorizations
- How to Suppress Banner and Trailer Pages for Specific Users
- Labeled Zone Manager, See txzonemgr script
- labeled zones, See zones
- labeling
- turning on labels, Reboot and Log In to Trusted Extensions
- zones
- Name and Label the Zone
- Specify Zone Names and Zone Labels by Using a CDE Action
- labels
- See also label ranges
- assigning to named zones
- Name and Label the Zone
- Specify Zone Names and Zone Labels by Using a CDE Action
- authorizing a user or role to change label of data, How to Enable a User to Change the Security Level of Data
- classification component, Dominance Relationships Between Labels
- compartment component, Dominance Relationships Between Labels
- configuring rules for label changes, sel_config File
- default in remote host templates, Network Security Attributes in Trusted Extensions
- described, Trusted Extensions and Access Control
- determining text equivalents, How to Obtain a Readable Label From Its Hexadecimal Form
- displaying in hexadecimal, How to Obtain the Hexadecimal Equivalent for a Label
- displaying labels of file systems in labeled zone, How to Display the Labels of Mounted Files
- dominance, Dominance Relationships Between Labels
- downgrading and upgrading, sel_config File
- hiding from users, How to Hide Labels From a User
- of processes, What Labels Protect and Where Labels Appear
- of user processes, Label Ranges
- on printer output, Labeled Printer Output
- on trusted stripe, Reboot and Log In to Trusted Extensions
- overview, Labels in Trusted Extensions Software
- planning, Devising a Label Strategy
- printing without page labels, How to Remove Page Labels From All Print Jobs
- relationships, Dominance Relationships Between Labels
- repairing in internal databases, How to Obtain a Readable Label From Its Hexadecimal Form
- specifying for hosts, Specify Labels for Network Interfaces by Using the Solaris Management Console
- specifying for zones
- Name and Label the Zone
- Specify Zone Names and Zone Labels by Using a CDE Action
- troubleshooting, How to Obtain a Readable Label From Its Hexadecimal Form
- well-formed, Label Ranges
- LDAP configuration
- creating client, Make the Global Zone an LDAP Client in Trusted Extensions
- for Trusted Extensions, Configuring the Sun Java System Directory Server on a Trusted Extensions System
- LDAP server
- collecting information for, Collect Information for the Directory Server for LDAP
- configuring multilevel port, Configure a Multilevel Port for the Sun Java System Directory Server
- configuring naming service, Install the Sun Java System Directory Server
- configuring proxy for Trusted Extensions clients, Creating a Trusted Extensions Proxy for an Existing Sun Java System Directory Server
- creating proxy for Trusted Extensions clients, Create an LDAP Proxy Server
- installing in Trusted Extensions, Install the Sun Java System Directory Server
- planning for separation of duty, Populate the Sun Java System Directory Server
- protecting log files, Configure the Logs for the Sun Java System Directory Server
- registering credentials with Solaris Management Console, Register LDAP Credentials With the Solaris Management Console
- LDAP
- action for creating global zone clients, Trusted CDE Actions
- displaying entries, Using the LDAP Naming Service in Trusted Extensions
- enabling administration from a client, Enable the Solaris Management Console to Accept Network Communications
- naming service for Trusted Extensions, Using a Naming Service in Trusted Extensions
- planning, Planning for the LDAP Naming Service in Trusted Extensions
- starting, Using the LDAP Naming Service in Trusted Extensions
- stopping, Using the LDAP Naming Service in Trusted Extensions
- troubleshooting, How to Debug a Client Connection to the LDAP Server
- Trusted Extensions databases, Using a Naming Service in Trusted Extensions
- lengthening timeout, for relabeling, How to Lengthen the Timeout When Relabeling Information
- limiting, defined hosts on the network, How to Limit the Hosts That Can Be Contacted on the Trusted Network
- .link_files file
- description, .copy_files and .link_files Files
- setting up for users, How to Configure Startup Files for Users in Trusted Extensions
- startup file, Command Line Tools in Trusted Extensions
- list_devices command, Command Line Tools in Trusted Extensions
- localizing, changing labeled printer output, Labeled Banner and Trailer Pages
- log files, protecting Directory Server logs, Configure the Logs for the Sun Java System Directory Server
- logging in
- to a home directory server, Enable Users to Access Their Home Directories in Trusted Extensions
- using rlogin command, Use the rlogin or ssh Command to Log In and Administer a Headless System in Trusted Extensions
- login
- by roles, Security Requirements When Administering Trusted Extensions
- configuring serial line, How to Configure a Serial Line for Logins
- remote by roles, Remote Login by a Role in Trusted Extensions
- remote, Enable Remote Login by a Role in Trusted Extensions
- logout, requiring, How to Modify policy.conf Defaults
- lpaddent command, Add an NIS User to the LDAP Server
|
