HP-UX AAA Server A.08.02 Release Notes
scalability and better performance. This feature also supports running and managing a group
of multiple HP-UX AAA servers on different hosts to offer high availability.
• MS-CHAP v2 for OTP Authentication: MS-CHAP v2 module supports Open Authentication
(OATH) standards-based One-Time Password (OTP) authentication.
• OATH Standards-Based OTP and Two-Factor Authentication: Provides Open AuTHentication
(OATH) standards-based One-Time Password (OTP) authentication for additional security to
protect networks from phishing attacks, unauthorized network access, and identity theft. OATH
standards-based OTP authentication in the HP-UX AAA Server can be customized easily to
suit various deployment scenarios. Typically, OTP is used to provide two-factor authentication.
• Web-Based User Database Administration Manager: Provides a customizable web interface
that can be used to manage user and token information stored in a SQL database.
• HP-UX AAA Server SDK: Server Plug-in Software Developer's Kit (SDK) for customizing and
extending the features of the HP-UX AAA Server. It enables the creation of plug-ins to customize
the implementation of the HP-UX AAA Server. The HP-UX AAA Server SDK is now provided
with the HP-UX AAA Server.
• Advanced Policy Engine: An updated policy engine that provides extended syntax for complex
policy actions to manipulate RADIUS requests and replies based on attribute content. The
default policy files enable the administrator to execute policies without customizing the Finite
State Machine (FSM). This feature includes substring manipulation.
• Common Database Interface: Supports HP-UX AAA Server interaction with supported databases
via the SQL Access AATV and database client connector libraries.
• EAP Support for Authenticated LAN Access: Secure wired and wireless LANs using Extensible
Authentication Protocol (EAP) to support 802.1x enabled network access devices. EAP methods
supported include PEAP, TTLS, TLS, GTC, MS-CHAP v2, and MD5.
• Multi-Server Session Management: Supports user, group, or custom limits on concurrent logins
to limit simultaneous sessions. Customizable shared session management for multiple HP-UX
AAA Servers is supported via the SQL Access feature.
• IP Address Management: DHCP interface for centralized administration of IP Address
assignment.
• IPv6 Support: Supports RADIUS IPv6 attributes with HP-UX 11i v2, and HP-UX 11i v3 operating
systems. This feature also supports RADIUS communication over IPv6 transports with HP-UX
11i v2 and HP-UX 11i v3 operating systems.
• SNMP Support: Effectively integrate and manage HP-UX AAA Servers with SNMP compliant
network management tools.
• LDAP Integration: Supports user profile storage and authentication using LDAP Version
3–compliant directories with request load balancing and failover.
• Web-based Administration: The Server Manager web-based administration utility provides
management and configuration of multiple HP-UX AAA Servers sharing a common configuration
set.
• Secure LAN Advisor: Utility inside the Server Manager administration tool to help plan,
configure, and deploy authenticated LAN access via 802.1x and EAP.
• Robust RADIUS Proxy Capabilities: Forwards authentication and accounting requests to other
RADIUS servers by DNS, realm, or custom criteria with configurable retry and time-out periods.
• Multi-vendor RADIUS Client Support: Includes pre-defined attribute mappings for leading
network access vendors and a customizable vendor dictionary to support a wide range of
RADIUS clients.
• Flexible and Customized Session Logging: Customize session logs to capture the desired volume
of session and accounting information. Session logging formats for Merit (default) and Livingston
Product overview 5