Tuesday, September 15, 2009

Sun Cluster Hardening

For those in the defense industry, you might be required to harden your Sun Cluster after deployment. 

Do take note of the following:

Sun "supports" Sun Cluster hardening via the Solaris Security Toolkit (aka JASS) only. The reason is that we test it and fix bugs in either product as required. There are many subtle issues when hardening  clusters.

Of particular note, a service which is expected to be up, should be up and observable. Otherwise it is indistinguishable from being down and can lead to cluster reconfiguration.

You should also point this blueprint article out for your customer which explains some of the issues (though it is slightly aged).

Solaris Security Toolkit ( formerly known as JumpStart Architecture and Security Scripts [JASS] ) can be downloaded from here.

No comments:

Post a Comment