Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions

191

192

193

194

195

196

197

198

199

200

basic types of unauthorized system activity or security attacks frequently found on

enterprise networks.

• Provides notification in the event of suspicious activity that might precede an attack.

By contrast, other intrusion detection systems rely entirely on an operator-instigated

analysis of the system log files. Typically the operator analyses the system log files

at the end of the day. This delay in the analysis of the attack provides considerable

time to damage the system.

For more information, see the HP-UX HIDS documentation:

http://www.hp.com/go/hpux-security-docs

Click HP-UX Host Intrusion Detection System Software.

B.1.3 HP-UX IPFilter

HP-UX IPFilter is a system firewall that filters IP packets to control packet flow in or out of

a machine. It works as a security defense by cutting down on the number of exposure

points on a machine.

For more information, see the HP-UX IPFilter documentation:

http://www.hp.com/go/hpux-security-docs

Click HP-UX IPFilter Software.

B.1.4 Security Patches

HP-UX Software Assistant (SWA) is a command-line based tool that consolidates and

simplifies patch management and security bulletin management on HP-UX systems. The

SWA tool is new for HP-UX releases as of January 2007, replaces Security Patch Check

(SPC), and is the HP-recommended utility to use to maintain currency with HP-published

security bulletins for HP-UX software.

HP provides up-to-date software patches to known security problems that allow

unauthorized root access to your system.

For more information, see the HP-UX SWA documentation:

http://www.hp.com/go/hpux-security-docs

Click HP-UX Software Assistant (SWA) Software.

B.2 Protecting Data

In addition to the security products that are discussed in Part II Protecting Data, the

following security products offer additional data protection.

B.2.1 HP-UX Containers (SRP)

HP-UX Containers, formerly Secure Resource Partitions (SRP), allows you to deploy multiple

isolated container-based environments on a single server platform. This allows the

enterprise to host multiple workloads in a single operating system instance, thereby better

utilizing server resources (CPU, memory, network access) and data center resources

(power, cooling, footprint), and reducing the overall number of operating system instances

200 Other Security Products