Security Management Guide (G06.29+, H06.08+, J06.03+)

Safeguard System Security
Security Management Guide 522283-021
Additionally, the Safeguard software audits several actions automatically. These
actions include attempts to manage the Safeguard configuration, attempts to manage
the Safeguard audit service, and attempts to execute TERMINAL and
EVENT-EXIT-PROCESS commands.
The Safeguard software also accepts and stores audit records of security-related
events generated by other HP privileged subsystems.
The Safeguard Audit Service Manual describes the complete facilities that the audit
service offers.
Managing the Audit Service
Managing the audit service involves the following tasks:
- Specifying the location of audit information
- Specifying what recovery actions the audit service should take if the audit trail becomes inaccessible
- Specifying who can issue restricted audit commands
These tasks are introduced here and described in detail in the Safeguard Audit Service
Manual.
Specify Security Groups
With the Safeguard software, you can specify three security groups to designate who
can issue restricted audit commands. These three groups are the
SECURITY-ADMINISTRATOR security group, the SYSTEM-OPERATOR security group,
and the SECURITY-OSS-ADMINISTRATOR security group. The Safeguard Reference
Manual describes the capabilities of each group.
Establish Audit Pools
The audit service allows you to specify where you want audit records to be written. You
specify an audit pool, which is a subvolume that contains one or more audit files. If you
do not specify an audit pool, the system stores the audit records in the
$SYSTEM.SAFE subvolume.
Specify Recovery Actions
Determine what actions the audit service should take in case an audit file becomes full
or a disk volume containing the audit files goes down. For example, you can choose
between suspending auditing or denying any future access and authentication
Note. In addition to audit service capabilities, members of the SECURITY-ADMINISTRATOR
security group can configure and stop the Safeguard subsystem, manage an event-exit
process, and add terminals to the Safeguard database (for authentication control). Consider
this when specifying members for this security group.