Log-in |

Sun Security Toolkit

The Sun™ Security Toolkit (SST), formerly known as both the Solaris Security Toolkit and the JumpStart Architecture and Security Scripts (JASS) Toolkit, provides a flexible and extensible mechanism to harden and audit Solaris and OpenSolaris Operating Systems (OSs). SST simplifies and automates the process of OS hardening and is based on proven security best practices and practical customer site experience gathered over many years. This toolkit can be used to secure SPARC-based and x86/x64-based systems.

The Sun Security Toolkit has transitioned to the OpenSolaris community where it will have two distinct branches:

  • Sun Security Toolkit: Legacy Version (SST:LV)
    The Legacy Version of SST supports Solaris 10 SPARC and x86/x64. It is an evolutionary release, so anyone familiar with SST 4.2 will find transitioning to SST:LV to be easy.
    To reflect SST:LV's relationship with SST 4.2, the first release will be numbered 5.  All 5.0.x releases are beta, see the Support Matrix for details.
    SST:LV 5.0.x is being actively developed; 5.1 is to be the stable release.
hg clone ssh://hg.opensolaris.org/hg/sst/sst-lv
  • Sun Security Toolkit: Community Edition (SST:CE)
    The Community Edition of SST will support OpenSolaris, Solaris 10, and any other OS in which the community has interest.
    Since SST:CE stands to deviate quite a bit from SST 4.2, so version numbering will begin at 1.0.
    This project is open-ended -- it will include community-driven functionality such as integration with LDAP and SMF.
hg clone ssh://hg.opensolaris.org/hg/sst/sst-ce

Service Support

The Sun Security Toolkit: Legacy Version 5 release is in development. When released, the toolkit will be supported by the OpenSolaris community. However, Solaris 10 systems that have been hardened by SST:LV will be supported as part of the Solaris Software Support Service Plans or the SunSpectrum Service Plan contracts. (UPDATE 11/25/09: The details of this agreement need to be verified.)

SST:LV 5.0.x Support Matrix

Since the number of driver/environment permutations is large, SST:LV 5.0.x support will be tracked by driver.  When all drivers and their associated .fin and .aud scripts have been tested, fixed (if necessary), and validated, SST:LV 5.1 will be considered stable and generally available.  Until then, SST:LV 5.0.x will be re-bundled whenever a cell in the matrix is validated.

Drivers10u8 SPARCs10u8 x86s10u7 SPARCs10u7 x86s10u6 SPARCs10u6 x86s10u5 SPARCs10u5 x86
cis-secureUntestedUntestedUntestedUntestedUntestedUntestedUntestedUntested
ldom_control-secureTested, works with expected warnings, need to write test report and build new pkgUntestedUntestedUntestedUntestedUntestedUntestedUntested
server-secureUntestedUntestedUntestedUntestedUntestedUntestedUntestedUntested
suncluster3x-secureUntestedUntestedUntestedUntestedUntestedUntestedUntestedUntested
sunfire_15k_sc-secureUntestedUntestedUntestedUntestedUntestedUntestedUntestedUntested

SST 4.2

SST version 4.2 fully supports SPARC and x86/x64 Solaris Operating System releases:

  • Solaris 10 Updates 0 - 4
  • Solaris 9
  • Solaris 8

You can download SST 4.2 at sun.com.

SST:CE 1.0

SST Community Edition is under development, but targeted to support:

  • OpenSolaris 2009.6
  • Solaris 10 Update 8 (10/09)
  • Other *nix OSes
    • CentOS will probably be first
    • If you're interested in contributing to this effort, email jason.callaway@sun.com.
Tags:
Created by on 2009/10/26 11:40
Last modified by jecallaw on 2009/12/24 18:22

Collectives

Project


© 2010, Oracle Corporation and/or its affiliates
XWiki Enterprise 2.1.1.25889 - Documentation
Terms Of Use | Privacy | Trademarks | Copyright Policy | Site Guidelines | Site map | Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Oracle