We have Sun Microsystems running Solaris 2.5.1. over a branch network WAN. We also have Windows NT 4.0 and Novell 3.12. The Solaris servers run our banking system client/server application (the server side of course).
Our clients are running Win95b. Our network is 10/100 ethernet LAN using RJ45 cabling and HP Switches
(2400 & 4000).
We are not directly connected to the internet although we have connectivity from our Win95 clients only via our ISP.
Our banking application is TCP/IP based. Our Win95 clients have to be authenticated by each server they need resources from (Solaris via Solstice NFS client, Win NT 4.0, Novell 3.12).
We are located in Central America (Belize).
We are concerned with the security of our Solaris systems.
How can we secure our system wihout hiring a security expert?
We want to be able to control access to our systems and applications by insiders and outsiders!
I've read about Single Sign On systems or encryption etc.
We need a system that will upgrade the security level to at least C2. What security systems are available readily for Solaris? Is Kerberos secure?
What have been your experiences with security issues on Solaris?
Thanks in advance for your advice!
Knowledge is power, but it is only useful if it is shared!