SunScreen EFS(TM) 3.0 introduces the first SunScreen product release that combines the popular stealth SunScreen SPF-200 dedicated bridge product with the SunScreen EFS layered router product. You now have greater flexibility when setting up your company's security scheme as a solution to security authentication and privacy requirements, as well as a means of securing your department networks connected to a public internetwork.
This SunScreen EFS Installation Guide provides all information necessary to install in either routing or stealth mode from the SunScreen EFS 3.0 CD-ROM on to your network. Other manuals in the SunScreen EFS documentation set include the SunScreen EFS Administration Guide and the SunScreen EFS Reference Manual.
The SunScreen EFS documentation set is intended for SunScreen EFS system administrators responsible for the operation, support, and maintenance of network security. It is assumed that you are familiar with UNIX system administration and TCP/IP networking concepts, and with your network topology.
The SunScreen EFS 3.0 Installation Guide is organized into the following chapters:
Chapter 1, Chapter 1, Introduction to Installing SunScreen EFS 3.0 , introduces SunScreen EFS 3.0 concepts, including product architecture.
Chapter 2, Chapter 2, Prerequisites for Installation , covers choosing the level of security for SunScreen EFS 3.0, and preparing for installation with either local or remote administration.
Chapter 3, Chapter 3, Installing in Routing Mode, contains instructions for installing SunScreen EFS 3.0 in routing mode with local administration.
Chapter 4, "Installing a Remotely Administered SunScreen", contains instructions for installing a remotely administered SunScreen EFS 3.0 using self-generated or issued certificates.
Chapter 5, Chapter 5, Installing in Stealth Mode, contains instructions for installing SunScreen EFS 3.0 in stealth mode.
Chapter 6, Chapter 6, Upgrading to SunScreen EFS 3.0, contains instructions for upgrading from SunScreen 1.1 or 2.0, or from SPF-200, to SunScreen EFS 3.0, including how to preserve your existing configurations.
Chapter 7, Chapter 7, Converting FireWall-1 to SunScreen EFS 3.0, in Routing Mode, explains how to convert from FireWall-1, Release 2.1 or 3.0, to SunScreen EFS 3.0.
Chapter 8, Chapter 8, Removing SunScreen EFS 3.0 Software, explains how to remove the SunScreen EFS 3.0 software.
Appendix A, Appendix A, Using the Command Line For Installing SunScreen EFS 3.0, shows examples of using the command line to install SunScreen EFS 3.0 in routing mode with remote administration or in stealth mode.
Appendix B, Appendix B, Upgrading Crypto Modules, explains how to add additional Crypto modules to your SKIP configuration.
The SunDocsSM program provides more than 250 manuals from Sun Microsystems, Inc. If you live in the United States, Canada, Europe, or Japan, you can purchase documentation sets or individual manuals using this program.
For a list of documents and how to order them, see the catalog section of the SunStore(sm) Internet site at http://sunstore.sun.com.
The docs.sun.com Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com/.
The following table describes the type changes and symbols used in this book.
Table P-1 Typographic Conventions
Typeface or Symbol |
Meaning |
Example |
---|---|---|
AaBbCc123 |
The names of commands, files, and directories; on-screen computer output |
Edit your .login file. Use ls -a to list all files. machine_name% You have mail. Type su - to become superuser. |
AaBbCc123 |
What you type, contrasted with on-screen computer output |
machine_name% su - Password: |
AaBbCc123 |
Command-line placeholder; replace with a real name or value |
To delete a file, type rm filename.
|
AaBbCcl123 |
Book titles, new words or terms, or emphasized words |
Read Chapter 6 in User's Guide. These are called class options. You must be root to do this. |
The following table shows the default system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.
Table P-2 Shell Prompts
Shell |
Prompt |
---|---|
C shell prompt |
machine_name% |
C shell superuser prompt |
machine_name# |
Bourne shell and Korn shell prompt |
$ |
Bourne shell and Korn shell superuser prompt |
# |
The following books may be useful or interesting when installing the SunScreen EFS 3.0:
Applied CryptographyBruce Schneier, John Wiley & Sons, 1996, 2nd edition, ISBN 0-471-12845-7
Building Internet FirewallsD. Brent Chapman and Elizabeth D. Zwicky O'Reilly &Associates, 1995, ISBN 1-56592-124-0
Computer Security Policies and SunScreen FirewallsKathryn M. Walker and Linda Croswhite Cavanaugh Sun Microsystems Press, 1998, SSBN 0-13-096015-0
Firewalls and Internet SecurityBill Cheswick and Steve Bellovin Addison-Wesley, 1994, ISBN 0-201-63357-4
Handbook of Computer-Communications Standards Volume 3: The TCP/IP Protocol SuiteWilliam Stallings, Macmillan, 1990
Internetworking with TCP/IP, Volume 1Douglas E. Comer, Prentice Hall, 1995, ISBN 0-13-216987-8
Network and Internetwork Security Principles and PracticeWilliam Stallings, Prentice Hall, 1995, ISBN 0-02-415483-0
Practical UNIX and Internet SecuritySimson Garfinkel and Gene Spafford, O'Reilly & Associates, 1996, 2nd edition, ISBN 1-56592-148-8
TCP/IP Illustrated, Volume 1 The ProtocolsW. Richard Stevens, Addison-Wesley, 1994, ISBN 0-201-63346-9
TCP/IP Network AdministrationCraig Hunt, O'Reilly & Associates, 1992
Network SecurityCharlie Kaufman, Radia Perlman, and Mike Speciner Prentice Hall, 1995
SKIP IP-Level Cryptography [http://skip.incog.com/]
Sun Software and Networking Security [http://www.sun.com/security]