You can definitely have the global zone on one physical interface and the non-global zone facing the internet on another physical interface. With proper firewalls, RBAC setup, and lock down of your zone, you can have a very secure configuration. Take a look at JASS/SST toolkit and the CIS benchmark for Solaris on guidlines for securing your Solaris/OpenSolaris installs.
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Octave J. Orgeron Solaris Virtualization Architect and Consultant Web: http://unixconsole.blogspot.com E-Mail: unixcons...@yahoo.com *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* ----- Original Message ---- From: Orvar Korvar <knatte_fnatte_tja...@yahoo.com> To: zones-discuss@opensolaris.org Sent: Tue, November 30, 2010 7:48:31 AM Subject: [zones-discuss] How secure are zones? Hackers? I am thinking if it is safer to reach the outside world internet, via a Zone. Will this add additional security, with respect to the global zone? I think this is an interesting question? -- This message posted from opensolaris.org _______________________________________________ zones-discuss mailing list zones-discuss@opensolaris.org _______________________________________________ zones-discuss mailing list zones-discuss@opensolaris.org