Sun Solaris getting security, virtualization boosts

Open source Xen hypervisor set for inclusion in 2007

Sun Microsystems is sprucing up its Solaris 10 operating system with security and virtualization improvements.

Today's release of Solaris 10 11/06 is intended to make Solaris the most secure OS in existence, said Tom Goguen, Sun vice president of Solaris marketing. Next year, Sun will incorporate the open Xen hypervisor, for virtualization of an OS, into Solaris 10, Goguen said during a press briefing at Sun offices in San Francisco.

The Monday release of Solaris is undergoing governmental Common Criteria Certification based on EAL (Evaluation Assurance Level) 4+ with three Protection Profiles. EAL is a global specification accepted by governments around the world, Goguen said.

Featured in the new version of Solaris are trusted extensions, including multilevel security, for attaching a security profile or tag to every object dealt with by the OS, Goguen explained. With this level of security, the OS, for example, could permit someone viewing top secret and secret documents to cut and paste from the secret to the top secret document, but prevent the converse of this.

Also featured in the 11/06 release is a "secure by default" capability. "Out of the box, everything is designed to be locked down," said Goguen. Sun's security enhancements are featured in both the commercial and open source variants of Solaris. The open source release is under the jurisdiction of opensolaris.org.

The new release also boasts Solaris Containers virtualization technology that provides secure containers for running applications within the OS. The Containers software has been made more mobile, enabling the cloning of a container and the capability to move it to other systems or have it run on an array of systems.

With Containers, a user might take a container running a Web server and clone it across multiple machines for more throughput.

The Xen hypervisor technology due in the first half of next year will enable virtualization at the OS level. Among the perceived benefits include server consolidation, with users able to manage and use fewer servers. Improved utilization is enabled, Goguen said.

"The dirty little secret in the x64 world is these systems are only running at about 10 percent utilization," Goguen said.

The hypervisor would run under the control of Solaris, with OS capabilities such as DTrace, for analyzing OS and application behaviors, extended to it. Xen already is available with open source Solaris and will be commercially supported and available for commercial Solaris.

Sun with its Solaris enhancements is not looking to upstage Linux in the open source community but does seek to battle commercial distributions of Linux, Goguen said. Sun also is vying with other commercial Unix platforms such as IBM AIX and HP's HP-UX, Sun officials noted.

Although Sun in November released the Java programming language under the open source GNU General Public License version 2, the company still is pondering whether GPL is the right route for Solaris. Sun may offer Solaris under GPL 3 when that is finalized. GPL 3 addresses aspects such as the capability to combine software not based on the GPL.

Solaris currently is offered under Sun's CDDL (Common Development and Distribution License), which is a Mozilla-style license offering more leeway in combining of code, according to Goguen. By releasing Solaris in an open source fashion, the company recognizes that technologies such as DTrace could be ported to new environments.

In 2007, Sun also plans to make major plays to gain the business of so-called Web 2.0 startup companies, Sun officials said. These are being defined by Sun as companies using technology as an advantage for their businesses and who leverage the Web in a more read-write, interactive fashion as opposed to a read-only format.

Additionally, Sun will make a stronger play into the X86 leveraging reseller channels, Goguen said.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies