SunScreen EFS(TM) 3.0 is part of the family of SunScreen products that provide solutions to security, authentication, and privacy requirements for companies to connect securely and conduct business privately over an insecure public internetwork. Past SunScreen firewall product releases include EFS, SPF-100, SPF-100G and SPF-200, their respective Administration Stations, SunScreen packet screen software, and SunScreen Simple Key-Management for Internet Protocols (SKIP) encryption software. SunScreen EFS 3.0 integrates the two SunScreen firewall products.
The SunScreen EFS Reference Manual contains background and reference information about SunScreen EFS 3.0. Other documentation in this SunScreen EFS 3.0 documentation set includes:
SunScreen EFS 3.0 Release Notes
SunScreen EFS 3.0 Installation Guide
SunScreen EFS 3.0 Administration Guide
SunScreen EFS 3.0 QuickStart Card
SunScreen SKIP 1.5 User's Guide
The SunScreen EFS 3.0 Reference Manual is intended for system administrators responsible for the operation, support, and maintenance of network security. This manual assumes that you are familiar with UNIX® system administration, TCP/IP networking concepts, and your network topology.
You need to have the following tasks completed before you install and administer your SunScreen EFS 3.0:
Become familiar with the SunScreen EFS 3.0 guides:
SunScreen EFS 3.0 Release Notes (PN 805-7749-11)
SunScreen EFS 3.0 Installation Guide (PN 805-7744-11)
SunScreen EFS 3.0 Administration Guide (PN 805-7745-11)
SunScreen SKIP 1.5 User's Guide (PN 805-7875-11)
Ensure that your system is running either Solaris 2.6 or Solaris 7.
Ensure that your system running SunScreen EFS 3.0 is secure.
List the network services allowed and disallowed at each location (a configuration matrix); this list is used to establish rules.
The SunScreen EFS 3.0 Reference Manual contains the following chapters and appendices:
Chapter 1, "SunScreen EFS 3.0 Overview," provides a brief overview of the SunScreen EFS 3.0 product, including such topics as operating system and hardware requirements, and major features.
Chapter 2, "SunScreen EFS 3.0 Concepts," discusses the concepts and functions of SunScreen EFS 3.0.
Chapter 3, "Graphical User Interface Reference," explains the SunScreen EFS 3.0 graphical user interface (GUI), including navigation, page descriptions, and field descriptions.
Chapter 4, "SunScreen Logs," describes SunScreen EFS 3.0 packet logging.
Chapter 5, "Proxies," describes the proxies supported by SunScreen EFS 3.0.
Appendix A, "Migrating From Previous SunScreen Firewall Products," contains a table comparing the commands from SunScreen EFS, Release 2.0, and SunScreen SPF-200 to the equivalent commands used in SunScreen EFS 3.0.
Appendix B, "Command Line Reference," documents the command-line interface.
Appendix C, "Services and State Engines," lists the services and state engines supported by SunScreen EFS 3.0.
Appendix D, "Error Messages," lists the error messages generated by SunScreen EFS 3.0.
Appendix E, "Glossary," lists the terms and their definitions used in the SunScreen EFS 3.0 documentation.
You may want to refer to the following sources for background information on network security, cryptography, and SKIP.
Applied Cryptography, Bruce Schneier, John Wiley & Sons, 1996, 2nd edition, ISBN 0-471-12845-7
Building Internet Firewalls, D. Brent Chapman and Elizabeth D. Zwicky, O'Reilly & Associates, 1995, ISBN 1-56592-124-0
Computer Security Policies and SunScreen Firewalls, Kathryn M. Walker and Linda Croswhite Cavanaugh, Sun Microsystems Press, 1998, ISBN 0-13-096015-0
Firewalls and Internet Security, Bill Cheswick and Steve Bellovin, Addison-Wesley, 1994, ISBN 0-201-63357-4
Handbook of Computer-Communications Standards, Volume 3: The TCP/IP Protocol Suite, William Stallings, Macmillan, 1990
Internetworking with TCP/IP, Volume 1, Douglas E. Comer, Prentice Hall, 1995, ISBN 0-13-216987-8
Network and Internetwork Security: Principles and Practice, William Stallings, Prentice Hall, 1995, ISBN 0-02-415483-0
Practical UNIX and Internet Security, Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 1996, 2nd edition, ISBN 1-56592-148-8
TCP/IP Illustrated, Volume 1: The Protocols, W. Richard Stevens, Addison-Wesley, 1994, ISBN 0-201-63346-9
TCP/IP Network Administration, Craig Hunt, O'Reilly & Associates, 1992
Network Security: Private Communication in a Public World, Charlie Kaufman, Radia Perlman, and Mike Speciner, Prentice Hall, 1995
SKIP IP-Level Cryptography [http://skip.incog.com/]
Sun Software and Networking Security [http://www.sun.com/security/]
The SunDocs(SM) program provides more than 250 manuals from Sun Microsystems, Inc. If you live in the United States, Canada, Europe, or Japan, you can purchase documentation sets or individual manuals using this program.
For a list of documents and how to order them, see the catalog section of the SunStore(SM) Internet site at http://sunstore.sun.com.
The docs.sun.com Web site enables you to access Sun technical documentation online. You can browse the docs.sun.com archive or search for a specific book title or subject. The URL is http://docs.sun.com/.
If you have any support issues, call your authorized service provider. For further information about support, use the following URL to contact Enterprise Services: http://www.sun.com/service/contacting.
The following table describes the typographic changes used in this book.
Table P-1 Typographic Conventions
Typeface or Symbol | Meaning | Example |
---|---|---|
AaBbCc123 | The names of commands, files, and directories; on-screen computer output | Edit your .login file. Use ls -a to list all files. machine_name% You have mail. |
AaBbCc123 | What you type, contrasted with on-screen computer output | machine_name% su Password: |
AaBbCc123 | Command-line placeholder: replace with a real name or value | To delete a file, type rm filename. |
AaBbCc123 | Book titles, new words or terms, or words to be emphasized | Read Chapter 6 in User's Guide. These are called class options. You must be root to do this. |
The following table shows the default system prompt and superuser prompt for the C shell, Bourne shell, and Korn shell.
Table P-2 Shell Prompts
Shell | Prompt |
---|---|
C shell prompt | machine_name% |
C shell superuser prompt | machine_name# |
Bourne shell and Korn shell prompt | $ |
Bourne shell and Korn shell superuser prompt | # |