HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

211

212

213

214

215

216

217

218

219

220

Database Security

Secure communication between the database client and the database server is controlled

by the database server and client software. Therefore, choose your database environment

based on your organization's security requirements. You may have to consider

controlling access to the database tables based on views and privileges, data encryption

requirements between the database client and server, or data encryption requirements

of the data stored in the database.

High Availability

SQL Access provides multiple options to configure a highly available AAA Server

environment:

• Utilizing the high-availability features of the database client and server for fail-over

and load balancing;

• Configuring SQL Access such that alternate or secondary SQL actions are executed

depending on database availability events, or to build in redundancy for critical

database transactions;

• Using the SQL Access database reconnection feature that automatically attempts

reconnection to the database in the event of an unresponsive database.

These tools can be used separately or can be combined to achieve the degree of high

availability required for your business.

Database Client

The AAA Server communicates to the database through the database client and client

connector library. See the HP-UX AAA Server Release Notes at http://docs.hp.com/ in

the Internet and Security Solutions collection for the latest list of certified database

clients.

Refer to your database client vendor's documentation to install the database client

software on the same system where your HP-UX AAA server resides. See the README

files in the respective directory for the supported environments at /opt/aaa/

examples/sqlaccess/ for specific implementation information.

These tools can be used separately or can be combined to achieve the degree of high

availability required for your business.

Shared Library Path Configuration

The shared library path to the database client libraries must be set depending on the

vendor's library path requirements and how the AAA Server is started:

• For startup using the Server Manager, modify the /opt/aaa/remotecontrol/

rmistart.sh startup script

• For startup at system boot, modify the /sbin/init.d/radiusd.rc file

• For interactive startup of radiusd, set the shared library path at the command

prompt or include it in your shell initialization script

216 SQL Access