Technical Whitepaper: Oracle Solaris Immutable Zones for SAP Installation

This paper provides instructions and best practices on how to create and manage an SAP installationon an Oracle Solaris Immutable Zone. An Immutable Zone is a security mechanism that can be used to control the way users access files, protect system databases and applications, allow read-only virtual machines, and freeze the operating system and hardware configuration to prevent changes. An Oracle Solaris Immutable Zone obtains the zone’s configuration by implementing read-only root file systems for non-global zones, global zones and kernel zones.


The goal of this document is to increase security features on the Oracle Solaris operating system by defining a non-global zone, global zone or kernel zone as an Immutable Zone and running the SAP application on this read-only zone. With this strategy, the system is made safer. The procedure is tested by simply setting the zonecfg file-mac-profile property for various SAP releases with Oracle Database 11g and 12c... [Click here to read more].



Plug Inbound!

Don't forget to follow OTN Systems Hub by clicking the "Follow" button at the top right of the page.