HP-UX 11i v3 Installation and Update Guide, February 2007 (Initial Release)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Virtual Server Operating Environment (VSE-OE) LTU

Choosing an Installation Method

Security Considerations

Chapter 3 53

Security Choice Dependencies

The Sec00Tools security level is installed by default on your system.

Although Sec00Tools does not implement any security changes at

cold-install- or update-time, it does ensure that the required software

(Figure 3-1) is installed. The Sec00Tools security level contains the

pre-built configuration files that you can use to create a security level or

you can use it as a template to create a custom security configuration.

The Sec00Tools security level also ensures that the software needed by

those security levels is present.

Alternately, you can lock down your system using one of the following

selectable security levels at cold-install- or update-time:

• Sec10Host

• Sec20MngDMZ

• Sec30DMZ

Sec10Host, Sec20MngDMZ, and Sec30DMZ are dependent on Sec00Tools.

Figure 3-1 Install-time Security Software Dependencies

Sec20MngDMZ

Sec10Host

Sec30DMZ

Sec00Tools

IPFilter

Security

Patch

Check

HP-UX

Bastille

HP-UX

Secure

Shell

perl

Selectable security levels

Default-installed security levels

These selectable security levels

lock down your system at

cold-install- or update-time. They

depend on Sec00Tools to install the

needed software to secure your

system.

This default-installed security level

does not apply any security at

cold-install- or update-time.

The OpenSSL security level is

installed by default and is required to

secure your system either at

cold-install- or update-time or at a

later time.

OpenSSL