Oracle Solaris 11
With the new high-powered Oracle Solaris 11, SPARC Enterprise servers are able to further maximize system uptime while reducing costs.
Oracle Solaris 11 greatly reduces system downtime when systems are being upgraded and simplifies implementation of security threat protection. In addition, the investment efficiency of enterprise servers is also maximized.
- Existing application assets can be used on upgraded systems without change
Solaris 10 Containers greatly reduces the cost of upgrading from Solaris 10 even if a portion of the application system would not otherwise support Oracle Solaris 11.
- Highest application availability is now possible without administrative pain
The proven quality and fail-safety of the Oracle Solaris 11 and SPARC Enterprise combination can maximize uptime even if a system failure occurs.
- Network resources are used fully and evenly
By regulating network bandwidth, Oracle Solaris 11 can maximize the efficiency of network resource use. In addition, IP addresses are preserved before and after server consolidation. This means network redesign is not required.
Long-Life and “Always On” Systems With SPARC Enterprise and Oracle Solaris 11
Maximizing the longevity of customer assets
An upgrade to Oracle Solaris 11 can be done at minimum cost.
(1) Applications can be upgraded without compilation. All the application interfaces are the same as Oracle Solaris 10.
(2) Solaris 10 environment for applications “not-ready for Solaris 11”
Oracle Solaris 11 provides relief if you find an application in your system, which does not support Oracle Solaris 11. Oracle Solaris 10 Containers provides the framework to create Zones within the overall Oracle Solaris 11 environment where such applications can run.
Importantly, applications running in Oracle Solaris 10 Containers can still enjoy most of the Oracle Solaris 11 enhancements.
SPARC Enterprise with Oracle Solaris 11 is able to minimize downtime required for system upgrade and maintenance.
One reason is the ability with Oracle Solaris 11 to accommodate multiple Boot Environments: distinctive bootable Oracle Solaris environments which can exist on the same server.
This allows creation of a new Boot Environment to which new patches and software are applied while running the system using the existing Boot Environment. As a result, the only downtime required is the time to boot the new Boot Environment.
With previous Oracle Solaris versions, it was necessary to interrupt the system for the length of time to perform the patch and software installation as well as the reboot.
Fail-safety is another benefit of this new approach. Even if a system fails due to a problematic patch, Oracle Solaris 11 enables fast operation recovery by simply switching back to the previous Boot Environment.
*1 BE stands for Boot Environment for Oracle Solaris 11
*1 BE stands for Boot Environment for Oracle Solaris 11
Oracle Solaris 11 High Security
Oracle Solaris 11 has the ability to protect systems from fierce security attacks.
- Key to open locked data can be renewed any time
Data encryption by Zettabyte File System (ZFS) protects your company from malicious use of stolen data. All the keys used for encrypting/decrypting data can be renewed at any time. Even if an attacker steals a key, it will soon become useless after the key renewal.
- Security backdoors eliminated
Eliminating security weak points is the first step in building a high security system. Attacks and intrusions are often attempted via the network services. So minimizing the number of network services is the best way to prevent such attacks. With Automatic Secure By Default, Oracle Solaris 11 automatically limits network service that is started to SSH only. This allows individual organizations to then add network service definitions according to their own system design.
Traditional UNIX Operating Systems (OS) start many network services automatically, most of which are not used. As a result they make easy targets for attack.
- Even worse case scenarios are very limited
With traditional UNIX OS interfaces, server programs use Root Privilege to access system information. Root Privilege grants read and write actions for all the files under the OS.
As a result, hijacking of Root Privilege is a series problem – as such attacks can easily steal confidential data or corrupt the system.
To prevent such malicious use, Oracle Solaris 11 changes the scope of Root Privilege. Using Forced Privileges, Oracle Solaris 11 minimizes the files accessible by Root Privilege. Now even if a program with Root Privilege is hijacked, the files that are accessible are greatly limited.
They only execute using the privileges specified in their entry in the Forced Privileges rights profile. This significantly reduces each program’s potential to be an attack vehicle against the overall system.
Adapts To Business Changes
The whole network can be virtualized
Making network virtualization simple also simplifies the server consolidation processes. With Oracle Solaris 11, physical networks can be consolidated into a small numbers of networks. Network design becomes simple because there are no longer any limits on the number of networks which can be accommodated. In addition, as network topology is simplified, administration and maintenance are also simplified.
Without network virtualization, server consolidation requires large numbers of physical networks – in fact, the same total number of networks that existed for all servers before consolidation. This results in extra administration effort to maintain the complex networks.
Oracle Solaris 11 network virtualization is simple as the kernel exactly maps the physical network entities onto its virtualization entities. This means the overall network topology including IP addresses can be preserved.
- Virtual Network Interface Cards (VNIC)
Oracle Solaris 11 has virtualized entity cards called Virtual Network Interface Cards (VNIC). These take the same IP addresses as the corresponding physical LAN cards.
Oracle Solaris 11 also has another virtualized entity called an EtherStub. This acts as a virtualized switch and can be assigned the same IP addresses as its corresponding physical switch.
Efficient use of high capacity networks
Now it is possible to maximize network efficiency and use by allotting upper limits for network bandwidth. This prevents network congestion and enables smart network management with throughput matched to system requirements. This new function is called Flow.
For example, even if data backup is occurring, any extra network load can be eliminated by the simple setting of a bandwidth limitation.
(1) When no data backup is operating, it is unlikely any single application is dominating the network. So, there is little network congestion.
(2) Once data backup starts, it tends to dominate the network. Due to the resulting network congestion, the response time of other application increases.
(3) But if a network bandwidth limit is set using Flow, no process can dominate the network. Data bandwidth available to the backup is limited to the predetermined value.
Such bandwidth limitations can be set by IP address pairs, TCP or UDP ports at either side, or by network protocol. In addition, these settings can be modified during operation to ensure management flexibility.
SPARC Enterprise with high-powered Oracle Solaris 11 will help you optimize your mission critical systems and preserve the life of your application assets. This is achieved by maximizing the efficiency of server resources and the overall use of CPU, memory, and networks; as well as simplifying the move to this new environment.
It also means SPARC Enterprise is still the best choice of platform solution, if you wish to be able to adapt your mission critical systems to meet all future business environment changes.