A Install-Time Security (ITS) Using HP-UX Bastille; Choosing Security Levels; Security Levels - HP-UX Bastille User Manual

Version B.3.3

A Install-Time Security (ITS) using HP-UX Bastille

Install-Time Security (ITS) adds a security step to the installation or update process. This additional
step allows the HP-UX Bastille security lock-down engine to run during system installation with
one of four configurations ranging from default security to DMZ. ITS includes the following
bundles:
Sec00Tools (recommended software bundle)
Sec10Host (optional software bundle)
Sec20MngDMZ (optional software bundle)
Sec30DMZ (optional software bundle)
A.1 Choosing security levels
At cold install or update time, you can choose one of the security levels listed in Table A-1. Each
level provides incrementally higher security.

Table A-1 Security levels

| Security level | Configuration file name [1] | Description |
|---|---|---|
| Sec00Tools [2] | Not applicable | The Install Time Security infrastructure. No security changes. |
| Sec10Host [3] | HOST.config | Host-based lock down with firewall pre-enablement. Some common clear-text services are turned off, excluding Telnet and FTP. |
| Sec20MngDMZ [3] | MANDMZ.config | Lock down that allows secure management. IPFilter firewall blocks incoming connections except common, relatively safe, management protocols. |
| Sec30DMZ [3] | DMZ.config | Network-DMZ lock down. IPFilter blocks all incoming connections except HP-UX Secure Shell. |

[1] Configuration files are installed in /etc/opt/sec_mgmt/bastille/configs/defaults.
[2] Sec00Tools is installed by default.
[3] Sec10Host, Sec20MngDMZ, and Sec30DMZ are selectable.

NOTE: When you select either the Sec20MngDMZ or Sec30DMZ security level, IPFilter restricts
inbound network connections. For more information on how to add inbound ports to your
/etc/opt/ipf.customerrules file, see the HP-UX IPFilter (Version A.03.05.09 and later)
Administrator's Guide and the HP-UX System Administrator's Guide.

Using one of these security levels applies a default security profile, simplifying the lock-down
process. The following tables list the services and protocols affected by each security level.