Manualshelf

HP-UX 11i v3 Installation and Update Guide, September 2008 (Update 3 Release)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Foundation OE
31323334353637383940
Predefined Security Levels
At cold-install or update-time, you can choose one of the security levels listed in
Table 3-2, with each one providing incrementally higher security.
Table 3-2 Predefined Security Configuration
DescriptionConfiguration File
Name
1
Security Level
The install-time security infrastructure; no security changes.Not applicable
Sec00Tools
2
Host-based lockdown: firewall pre-enablement; some common
clear-text services turned off, excluding Telnet and FTP.
HOST.configSec10Host
3
Lockdown while allowing secure management: IPFilter firewall
blocks incoming connections except common, relatively safe,
management protocols.
MANDMZ.configSec20MngDMZ
3
Network-DMZ Lockdown: IPFilter blocks all incoming
connections except HP-UX Secure Shell.
DMZ.configSec30DMZ
3
1
Configuration files are installed to /etc/opt/sec_mgmt/bastille/configs/defaults
2
Sec00Tools is installed by default.
3
Sec10Host, Sec20MngDMZ, and Sec30DMZ are selectable.
NOTE: When you select either the Sec30DMZ, or MngDMZ security level, IPFilter will
restrict inbound network connections. For more information on how to add inbound
ports to your /etc/opt/ipf.customerrules file, refer to the HP-UX IPFilter (Version
A.03.05.09 and later) Administrator's Guide and the HP-UX System Administrator’s Guide.
Selecting Your Security Levels at Install Time
During installation, you can configure your security levels by navigating to the System
tab from the Ignite-UX Graphical User Interface Installation and Configuration dialog
box. The System tab allows you to configure information unique to your system such
as security levels, hostname, IP address, root password, and the time zone.
For ease of use, HP recommends using the System tab to select the security level
appropriate for your deployment as described below.
1. Do one of the following:
If you are using the Ignite-UX GUI, navigate to the System tab (from the
Ignite-UX Installation and Configuration dialog box) and select Security
Choices.
If you are using the Ignite Install HP-UX Wizard, navigate to the Additional
Software screen and select Security Choices.
38 Choosing an Installation Method