Manualshelf

HP-UX IPSec Version A.03.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
41424344454647484950
HP-UX IPSec Product Requirements
Prior to installing the HP-UX IPSec product, check that your system can accommodate the
following product requirements.
Software Requirements
HP-UX IPSec requires the following software:
OpenSSL software version A.00.09.07l or later. There are two ways to meet this requirement:
On HP-UX 11i v3 systems, the software bundle SysMgmtMin includes OpenSSL software
that meets this requirement.
OpenSSL software for HP-UX is available at no charge from the HP Software Depot
website, at the following web address:
software.hp.com
Search for the product OpenSSL.
You must also install a patch to use the features for processing ICMPv4 and ICMPv6 messages:
RFC 4301 ICMP error processing (if a network session is secured by an IPsec security
association, any ICMPv4 or ICMPv6 error messages generated by that session are secured
using the same IPsec security association).
Packet filters in host rules for specific ICMPv4 or ICMPv6 message types (the
-src_icmp_type, -dst_icmp_type, -src_icmpv6_type, and -dst_icmpv6_type
arguments).
To use these ICMPv4 and ICMPv6 message processing features, you must install one of the
following patches:
On HP-UX 11i v2 systems, install PHNE_39387
On HP-UX 11i v3 systems, install PHNE_39709
Disk Requirements
The total size of the disk space required for the HP-UX IPSec product is 50 Mbytes. Requirements
for variable-length user files are listed below:
Configuration database file (/var/adm/ipsec/config.db): minimum of 50 kbytes per
policy file. Most configuration database files will be approximately 1 Mbyte or less. An
extremely large configuration database (thousands of entries) can be as large as 5 Mbytes.
Audit file: This file can grow very fast if Informative auditing is enabled. HP recommends
1 Mbyte for the Alerts and Errors level of logging, 5 Mbytes for the Warnings level, and 200
or more Mbytes for the Informative message level. Informative auditing could generate 3-5
Mbytes per hour. Audit files should be kept in a separate directory or file system. The default
directory is /var/adm/ipsec.
48 Installing HP-UX IPSec