HP-UX AAA Server A.08.02.
© Copyright 2002, 2013 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license required from HP for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s standard commercial license. The information contained herein is subject to change without notice.
Contents
1 HP-UX AAA Server A.08.02.10 Release Notes
  Product overview
    Product features
    HP Secure Development Lifecycle
1 HP-UX AAA Server A.08.02.10 Release Notes
This document discusses the most recent product information on HP-UX AAA Server A.08.02.10. HP-UX AAA Server A.08.02.10 is supported on HP-UX 11i v3 (B.11.31). This document addresses the following topics:
• “Product overview”
• “What is new in this version”
• “Defects fixed in HP-UX AAA Server A.08.02.10”
• “Known problems and limitations in HP-UX AAA Server A.08.02.
• OATH Standards-Based OTP and Two-Factor Authentication: Provides Open AuTHentication (OATH) standards-based One-Time Password (OTP) authentication for additional security to protect networks from phishing attacks, unauthorized network access, and identity theft. OATH standards-based OTP authentication in the HP-UX AAA Server can be customized easily to suit various deployment scenarios. Typically, OTP is used to provide two-factor authentication.
Table 1 Supported IETF RFCs
RFC#   RFC Title
2284   PPP Extensible Authentication Protocol (EAP)
2619   RADIUS Authentication Server MIB
2621   RADIUS Accounting Server MIB
2716   PPP EAP-TLS Authentication Protocol
2865   Remote Authentication Dial-In User Service (RADIUS)
2866   RADIUS Accounting
2867   RADIUS Accounting Modifications for Tunnel Protocol Support
2868   RADIUS Attributes for Tunnel Protocol Support
2869   RADIUS Extensions
3162   RADIUS and IPv6
4186   EAP Method for Global System for Mobil
• Validate OTP and Password
• Store OTP
• Proxy the OTP and password to another RADIUS server for OTP and password validation
For more information about EAP-MS-CHAPv2 for OTP Authentication, see the HP-UX AAA Server A.08.02 Administrator’s Guide at http://www.hp.com/go/hpux-security-docs. (Select HP-UX AAA Server (RADIUS) Software.)
Common Logfile
HP-UX AAA Server supports a Common Logfile for multiple instances of the HP-UX AAA Server on a single host.
Known problems
• The Statistics screen on the HP-UX AAA Server Manager displays incorrect statistics details when the log suppression feature is enabled.
Workaround: Use the command-line utility /opt/aaa/bin/radcheck to obtain the correct statistics details. The radcheck utility provides statistics information only if the HP-UX AAA Server is operational and the utility is invoked from a host that is registered as a client to the HP-UX AAA Server.
• HP-UX AAA Server is upgraded to use OpenSSL 0.9.8 libraries.
Known limitations
• Using stored procedure output parameters with MySQL databases results in NULL values for SQL Access output mappings. Input mappings can be processed normally with MySQL stored procedures.
Workaround: Use direct SQL statements for SQL Actions requiring output data from MySQL databases.
• The HP-UX AAA Server does not recognize realm aliases for local realms configured with local user file storage.
Workaround: Configure separate realms for each alias.
• The HP-UX AAA Server A.
• EAP-TTLS (PAP, MS-CHAP v2, EAP-MSCHAPv2)
• PEAP (EAP-GTC, EAP-MSCHAPv2)
Microsoft for Windows XP (SP1 or SP2), and Windows Vista
The following EAP methods are certified for the Microsoft Windows XP (SP1 or SP2) and Windows Vista supplicants with the HP-UX AAA Server A.08.02.10:
• PEAP (EAP-MSCHAPv2)
• EAP-TLS
The following EAP methods are certified for OATH standards-based OTP authentication with the Microsoft Windows XP (SP1 or SP2) and Windows Vista supplicants with the HP-UX AAA Server A.08.
IMPORTANT: See the HP-UX AAA Server documentation for the most recent product documentation.
The secure LAN advisor
The Secure LAN Advisor is an HTML help system in the Server Manager administration utility that explains the process of securing LANs and WLANs with the HP-UX AAA Server, using the Server Manager screens and tasks. The Secure LAN Advisor is informational only; it does not edit configuration files.
Patch requirements
Not applicable. The latest patch kits can be downloaded from the HP Support Center by using your HP Passport account.
Web browser requirements
A Web browser is required to use the Server Manager interface to administer and configure the HP-UX AAA Servers. Following are the Web browser requirements for HP-UX AAA Server A.08.02.10:
• Use only the following web browsers with the HP-UX AAA Server A.08.02.
Table 6 User Database Administration Manager Requirements
Product                 Version
Oracle Install Client   10.2.0.2
MySQL Client            5.0.67
The database client and driver are not included with the HP-UX AAA Server. They must be obtained and installed separately.
Availability in native languages
The HP-UX AAA Server A.08.02.10 is currently available in English only.