HP-UX IPFilter A.03.05.13 Release Notes: HP-UX 11i v3
HP-UX IPFilter Release Notes
What’s in This Version
Chapter 14
What’s in This Version
What’s New In This Version
HP-UX IPFilter version A.03.05.13 contains the following enhancements:
• Support of HP-UX IPFilter on X.25 interfaces
• Ability to enable and disable HP-UX IPFilter on a machine without rebooting
• Ability to install HP-UX IPFilter without a reboot
NOTE By default, HP-UX IPFilter is installed but not enabled on HP-UX 11i v3,
unless you are using Bastille/ITS, in which case HP-UX IPFilter is
automatically enabled.
• Kernel tunables are now queried and configured using kctune instead of ndd
• Defect fixes
For more information about the enhancements to HP-UX IPFilter, see “Enhancements” on
page 12 of this release note.
For more information about the defect fixes, see “Fixes in This Version” on page 14 of this
release note.
Benefits and Features
HP-UX IPFilter version A.03.05.13 provides the following key benefits:
• Protects an individual host on an intranet against internal attacks
• Protects an individual host on an intranet against external attacks which have breached
perimeter defenses
• Provides an alternative to the restricted configuration of Internet Services
• Protects bastion host on the perimeter or in the DMZ
The following major features are included with HP-UX IPFilter version A.03.05.13:
• Explicitly permits or denies a packet from passing through based on:
— IP address or a range of IP addresses