Manualshelf

HP-UX Host Intrusion Detection System Version 4.7 Release Notes HP-UX 11i v3 (766145-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
12345678910
1 Announcement
The HP-UX Host Intrusion Detection System Version 4.7 supports Java 6.0.
What is HP-UX HIDS
HP-UX HIDS is a host-based HP-UX security product for HP computers running HP-UX 11i. HP-UX
HIDS enables security administrators to proactively monitor, detect, and respond to attacks targeted
at specific hosts. Many types of attacks can bypass network-based detection systems. HP-UX HIDS
monitors these bypassed attacks and complements the existing network-based security mechanisms,
bolstering enterprise security.
HP-UX HIDS seeks patterns that might suggest security breaches or misuse by examining information
about system activity from a variety of data sources. It detects illicit activities that include attempting
to break into or disrupt the system, modifying system files and directories, or attempting to spread
a virus. When HP-UX HIDS detects an intrusion attempt, it issues an alert to the administrative
interface, where users can immediately investigate the situation, and take necessary action against
the intrusion. In addition, users can customize a local response to an alert as described in Appendix
B, Response Programs in the Host Intrusion Detection System Administrator Guide.
HP-UX HIDS is particularly useful for enterprise environments in which centralized management
tools control networks of heterogeneous systems. These environments include Web servers,
transaction processors, application servers, and database systems.
Compatibility with previous versions
HP-UX HIDS v4.7 software is backward compatible with HIDS versions 4.4, 4.3, 4.2, 4.1, 4.0,
and 3.1. However, surveillance schedules created with 3.1 or 4.0 must be migrated to HIDS v4.3
(see “Migrating Schedules from Older Versions of HIDS” (page 15)). Schedules created with HIDS
v4.1 or v4.2 do not need to be migrated. However, v4.1 schedule must be migrated in order to
make use of the configuration properties introduced in v4.2 and supported in v4.3.
NOTE: HP-UX HIDS v4.7 is not backward compatible with HIDS v1.0 and HIDS v2.0, v2.1, and
v2.2 (collectively referred to as HIDS 2.x). HIDS v1.0 and HIDS v2.x are obsolete. HIDS v4.7
schedules with the Log File Monitoring detection template feature enabled cannot be activated
by HIDS agents running the HIDS v4.1 software.
The Schedules configured with Containers (SRPs) cannot be activated on agents running HIDS v4.3
and earlier.
Compatibility with Other Products
HP-UX HIDS is not compatible with all HP software products; see Table 1 for the list of products
that are supported. Do not run HP-UX HIDS on systems that are running unsupported products (or
vice versa).
Table 1 HP-UX HIDS Product Compatibility
SupportProduct
YesHP-UX 11i v3
NoHP-UX 11i v2
NoHP-UX 11i v1.6
NoHP-UX 11i v1.5
NoHP-UX 11i v1
YesNIS, NIS+
6 Announcement