SunScreen 3.1 adds:
Support for the Solaris 8 operating environment.
Support for Trusted Solaris 7.
SunScreen 3.1 runs on Trusted Solaris 7. Although SunScreen 3.1 filters packets that contain security labels, it does not filter based on security labels.
Installation improvements to the Solaris Web Start WizardsTM installer.
A single installation GUI asks if the machine is to perform Administration, Screen, or both functions. Based upon the response, the installer installs the appropriate packages and performs the appropriate installation scripts.
When installing in stealth mode, you are presented with a list of the plumbed interfaces from which you select the administration interface.
SunScreen 3.1 Lite, which is included with the Solaris 8 Early Access (EA) directory, beginning with Update 1, 6/00.
SunScreen 3.1 Lite is designed to be a feature-limited subset of the full version. It is designed to protect individual server assets as opposed to the full version that includes features for perimeter defense and enterprise-level network protection.
Improvements to SunScreen 3.1 administration GUI include the Policy Rules table, which is now directly editable.
That is, you no longer need to use the Edit button, thus increasing the convenience with which rules can be modified. If a named object is changed in a rule, the corresponding rule is modified and the Save button is enabled. The disk image of the policy is only updated when you press the Save button.
Also, when selecting a named object in a rule, its details are displayed in the common objects area. This object can also be edited from the common objects area.
Support for ATM CIP mode and Gigabit Ethernet.
ATM classical IP (CIP) mode and Gigabit Ethernet interfaces can now be filtered by the SunScreen packet filter in the same way as other interfaces.
Support for SNMP status reporting.
A predefined system receives a regular SNMP trap message that contains status information about the Screen. Thus, the administrator can know how well a Screen is running. This approach is particularly useful with stealth Screens because it is not always possible to log into a stealth Screen to get information about its status.