HP-UX Bastille Version B.3.2 Release Notes

2 New features in this release

2.1 Greater coverage of the CIS HP-UX security benchmark

Expanded security hardening choices allow you to lock down your systems in alignment with

the latest Center for Internet Security (CIS) Benchmark for HP-UX or other similar security

hardening standards.

2.2 Reporting enhancements

To report on the overall security configuration state of a system, HP-UX Bastille offers an

assessment-only mode that evaluates the security status for each hardening question, and

generates a summary report for all questions.

Scored assessment reports provide a concise summary of compliance against a desired standard.

For example, a weights file that selects the lock-down items used with a particular industry

standard can be used for comparison against the system status.

2.3 Bug fixes in this release

• QXCR1000965106 —Module question AccountSecurity.gui_login reported as

unanswered during lock down.

• QXCR1000965123—Invalid parameter in shutdown script for TPS service, XPRINTSERVERS.

• QXCR1000965135—Configuration item MiscellaneousDaemons.nfs_core not recognized

by GUI or in lock down.

• QXCR1000965178 —Configuration items: nisplus_server and nisplus_client not

reported correctly.

• QXCR1000965179 —Configuration item screensaver_timeout does not set timeout value

properly.

2.1 Greater coverage of the CIS HP-UX security benchmark 7