Manualshelf

H06.26 Release Version Update Compendium

ManualsBrandsHP ManualsServerHP Integrity NonStop Release and Migration
11121314151617181920
Fallback Considerations
None.
Safeguard V5R1
Safeguard V5R1 has the following new features:
A new attribute TIMEOUT-ALL-AUTHZREQ is introduced as part of the SEEP management
commands to support the timeout concept for deniable users. The client auditing functionality
will be fulfilled by the Safeguard helper process instead of the Safeguard monitor process.
Audit of the originating (client) IP address is logged if a user gets connected to the NonStop
system either through Telnet or FTP clients.
Additional access permissions WRITE (W) and PURGE (P) can be specified for the
OBJECTTYPE DISKFILE, VOLUME and SUBVOLUME record access control list.
A new Safeguard security group SECURITY-MEDIA-ADMIN has been introduced. If configured,
only users belonging to this security group are allowed to manage the tape subsystem.
Migration Considerations
On migrating from a pre-H06.26 to an H06.26 RVU, by default the attribute
TIMEOUT-ALL-AUTHZREQ will be set to OFF and the audit functionality will be fulfilled by
the Safeguard helper process.
On migrating from a pre-H06.26 to an H06.26 RVU, a new secondary record of type “OTHER”
will be generated in the audit authentication record if the IP Address is provided in the
USER_AUTHENTICATE_ call.
On migration from a pre-H06.26 to an H06.26 RVU, Standard Security SPR T6533H05^ACY
must be used if Mediacom SPR T6028H01^ABN or above is installed.
Fallback Considerations
On fallback, the attribute TIMEOUT-ALL-AUTHZREQ will be retained in the database but
will not be read by the older versions of Safeguard. Also, if doing a fallback to a pre-H06.26
RVU, both Safeguard and Standard Security SPRs should be changed to ensure uninterrupted
support for client auditing.
If an application is using the new version of USER_AUTHENTICATE_ and specifies the IP
Address parameter, on fallback to an older RVU, the applications will abend with an illegal
instruction. If process started from that application is unstoppable, then it might halt the CPU.
If Objecttype Diskfile/Volume/Subvolume have been added with W and P authorities on
fallback to pre H06.26, the respective records are displayed with the authorities W and P
but these authorities will not take effect during the evaluation. Before fallback, it is recommended
to remove the W and P authorities on the Objecttype Diskfile/Volume/Subvolume.
It is advised that the Standard Security should not be downgraded to a version older than the
SPR T6533H05^ACY if the Mediacom SPR T6028H01^ABN is installed. However, Safeguard
can be downgraded to an older version without any problem. Prior to fallback, it is
recommended that the SECURITY-MEDIA-ADMIN security group be deleted (if it exists).
Safeguard V5R1 17