Network Security Features of HP-UX 11i v1 and 11i v2
• Individual systems (hosts, clients)
• Network connections (TCP connections)
• Applications or services (web servers, file servers)
HP-UX offers a rich set of products and features that provide network security for all of these layers.
Many of these products and features are flexible and can be used to protect more than one layer of the
network. All these products are available free of charge with the HP-UX 11i operating system. See
“Appendix A, Product Information” for details about obtaining HP-UX security products.
External Network Edge
• HP-UX AAA Server (RADIUS): The HP implementation of AAA RADIUS network server
software is used for authenticated network access. AAA provides per-user authentication services to
devices controlling physical access to the network, such as Wireless LAN access points and network
firewalls/VPN gateways.
• HP-UX Mobile AAA Server (Diameter): The HP implementation of the mobile AAA server is
based on the Diameter Base Protocol and Diameter Mobile IPv4 Application.
Internal Network Boundary
• HP-UX IPSec: The HP implementation of the IPsec protocol suite provides secure transmission of
network communications between systems by providing authentication and encryption of IPv4 and
IPv6 packets. HP-UX IPSec also supports the Internet Key Exchange (IKE) protocol suite for
cryptographic key generation and distribution.
• HP-UX IPFilter: The HP implementation of the open source IPFilter software provides system firewall
functionality. System firewalls are used to trap and discard packets from unauthorized sources as they
arrive at the system. HP-UX IPFilter includes support for Dynamic Connection Allocation (DCA) to help
fight spam and protect against DoS attacks.
• HP-UX AAA Server (RADIUS)
Individual System
• HP-UX IPSec
• HP-UX IPFilter
In addition to protecting network access, HP-UX also provides a rich set of host-based security
features to provide protection between applications and users within a single HP-UX server. For more
information on host-based security features, see the HP-UX 11i System Security White Paper. See
“Appendix A: For More Information” for details about obtaining this paper.
Network Connection
• Secure Sockets Layer (SSL): SSL is used to secure individual connections between programs across
a network. HP provides the OpenSSL toolkit and has worked with RSA to provide industry-leading
SSL performance in their SSL-C® toolkit.
• TCP Denial-of-Service Defense: TCP incorporates a defense against SYN attacks.