Arguably the best tested tools are those currently supplied by
Sun's own blueprints.
The Sun Blue Print team develops and tests solutions for many
facets of security, including security high-end systems.
Look for the Solaris Security Toolkit (aka "JASS").
Special products, such as Clustering software, E10K SSPs,
and others, need tailored security work. The blueprints program
security solutions for Solaris are only suitable for
low-end systems and are known to break Sun's high end servers.
In Solaris 10, you may also want to apply the "limited net" SMF
profile using "svccfg apply /var/svc/profile/generic_limited_net.xml".