Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Oracle Solaris 11: First Look

You're reading from   Oracle Solaris 11: First Look A sneak peek at all the important new features and functionality of Oracle Solaris 11

Arrow left icon
Product type Paperback
Published in Jan 2013
Publisher Packt
ISBN-13 9781849688307
Length 168 pages
Edition 1st Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Philip P. Brown Philip P. Brown
Author Profile Icon Philip P. Brown
Philip P. Brown
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Oracle Solaris 11: First Look
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
1. IPS – The Image Packaging System FREE CHAPTER 2. Solaris 11 Installation Methods 3. Sysadmin Configuration Differences 4. Networking Nuts and Bolts 5. NWAM – Networking Auto-reconfiguration 6. ZFS – Now You Can't Ignore It! 7. Zones in Solaris 11 8. Security Improvements 9. Miscellaneous IPS Package Reference
New ACL Permissions and Abbreviations
Solaris 10 Available Enhancements Index

On-disk encryption


ZFS in Solaris 11 now also offers optional on-disk encryption. Some additional coverage of this is given in Chapter 6, ZFS – Now You Can't Ignore It!. The Solaris Cryptographic Framework libraries are used for encryption purposes, so ZFS will receive the benefit of any compatible crypto acceleration present on the system.

As an additional point of interest, the inherited nature of encrypted filesystems means that if a global zone creates a /zones filesystem, and then creates a zone with a zoneroots underneath, the zone will have the benefit of on-disk encryption without ever having direct access to the encryption key itself.

Warnings about encrypted ZFS filesystems

There are some gotchas to using a encrypted ZFS filesystem that should be carefully considered before using:

  • Once you enable encryption on a ZFS filesystem, it cannot be turned off.

  • Encryption will also be enabled on all subfilesystems, irrevocably.

  • You cannot use zfs send/zfs receive for a non-encrypted ZFS destination...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image