... h4. [Security Advantages of the Solaris Zones Software !Main^download.gif!|http://mapping.sun.com/profile/offer.jsp?id=112]
*by Dr. Christoph Schuba{*}{excerpt}
December 2008{excerpt}
Virtualization is emerging as an important tool as organizations look to consolidate redundant and aging infrastructure and create a more agile and cost-effective datacenter. Indeed, virtualization technologies can help organizations quickly recover from disasters, reduce time to market for new services, and better utilize existing infrastructure to reduce space, power, and cooling requirements. It can help increase service levels while delivering security that once required the use of individual servers. In particular, operating system (OS) level virtualization allows multiple applications to share the same operating system instance while providing separate security domains for each application.
h4. Contents
* Chapter 1. Introduction
* Chapter 2. Solaris Zones Architecture
** Branded Zones
** Labeled Zones
** Zones and Networking
*** Shared-IP Zones
*** Exclusive-IP Zones
** Zone Identity, CPU Visibility, and Packaging
** Zones and Devices
* Chapter 3. Getting Started with Zones
** Zones Administration
** Creating, Installing, and Booting a Zone for Apache HTTP Server
* Chapter 4. The Security Advantages of OS Virtualization
** Isolation and Encapsulation
*** Offering Replicated or Redundant Services Using Zones
*** Hardening a Web-Facing Web Server Using Solaris Zones
** A Reduced Set of Privileges for Non-Global Zones
** Benefits of Exclusive IP Stack Instances
** Monitoring Events in Zones
*** Auditing Events in Non-Global Zones
* Chapter 5. For More Information
** About the Author
** References
** Ordering Sun Documents
** Accessing Sun Documentation Online
{panel:title=About the Authors\|borderStyle=solid\|titleBGColor=#F8D583\|bgColor=white}
Christoph Schuba studied mathematics and management information systems at the University of Heidelberg and the University of Mannheim in Germany. As a Fulbright Scholar, he earned his M.S. and Ph.D. degrees in Computer Science from Purdue University in 1993 and 1997, performing most of his dissertation research in the Computer Science Laboratory at the Xerox Palo Alto Research Center (PARC). Christoph has taught undergraduate and graduate courses in computer and network security, cryptography, operating systems, and distributed systems at San Jose State University, U.S., at the Universtitaet Heidelberg, Germany, at the International University in Bruchsal, Germany, and at Linkopings universitet in Linkoping, Sweden where he held the chair in information security.
|