The agent can be deployed only on a Solaris global zone. If your Solaris environment
uses any non-global zones, the protection that the agent can provide for the global
zone and non-global zones will differ with each protection module:
See Install the
agent manually for more on installing the agent on Solaris.
Intrusion Prevention (IPS), Firewall, and Web Reputation
If your Solaris environment uses any non-global zones, the Intrusion Prevention, Firewall,
and Web Reputation modules can only provide protection to specific traffic flows between
the global zone, non-global zones and any external IP addresses. Which traffic flows
the agent can protect depends on if the non-global zones use a shared-IP network interface or an exclusive-IP network interface.
Kernel zones use an exclusive-IP network interface and agent protection to traffic flows is limited to that network configuration.
Non-global zones use a shared-IP network interface
Agent protection to traffic flows in a shared-IP configuration is as follows:
Traffic Flow
|
Protected by agent
|
external address <-> non-global zone
|
Yes
|
external address <-> global zone
|
Yes
|
global zone <-> non-global zone
|
No
|
non-global zone <-> non-global zone
|
No
|
Non-global zones use an exclusive-IP network interface
Agent protection to traffic flows in a exclusive-IP configuration is as follows:
Traffic Flow
|
Protected by agent
|
external address <-> non-global zone
|
No
|
external address <-> global zone
|
Yes
|
global zone <-> non-global zone
|
Yes
|
non-global zone <-> non-global zone
|
No
|
Anti-Malware, Integrity Monitoring, and Log Inspection
The Anti-Malware, Integrity Monitoring and Log Inspection modules provides protection
to the global zone. For non-global zones, any files or directories that are also visible
to the global zone are protected. Files specific to a non-global zone are not protected.