Manualshelf

XYGATE Compliance PRO (XSW) Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
161162163164165166167168169170
XYPRO Technology Corporation 151 Proprietary and Confidential
Chapter 8. Best Practice Policy
Best Practice Policies are positive system configuration parameters that can be tested.
For example, one Best Practice is The Safeguard parameter NAME-LOGON must be
set to ON. Best Practices are created and reported on an individual node basis.
Best Practices map the specific recommendations in the books HP NonStop Server
Security: A Practical Handbook and Securing HP NonStop Servers in an Open
Systems World: TCP/IP, OSS & SQL (refer toBest Practices on page xiv for ISBNs)
to the data collected from each node on your system. You can customize Best
Practices for each individual node and add your own custom Best Practices as
described later in this chapter (refer to section 8.8 starting on page 159).
8.1 Loading Best Practices
Selecting the Best Practice Policy Rules checkbox on the Advanced Loading
Selections tab allows Best Practice information to be collected and automatically
loaded for any nodes that are collected in the collection. (See item 15 on page 98 in
Chapter 5, “Collection Specifications.”)
Note: Items in Best Practices that are not collected, such as disk volumes, will result in
“Not Found” Best Practice items. Usually, it is recommended that all resources
be collected when expecting good Best Practice results.
The default set of best practices are created and checked upon the first collection and
load for the node. The xswLoader attempts to map the HP operating system level and
associated system files with the default set. Several thousand checks will be created
as the default set. The values set by the recommendations in the books are guidelines
and may not be your corporate policy. You should expect a large number of
discrepancies after the initial setup of best practices.
Once you have reviewed the setup, you can disable certain checks, modify the
checking value to match your policy, correct values in your environment, and add new
checks to the best practice mechanism.
The goal of the Best Practices is to have a set of finite checks performed on your
system that meet the expectation and therefore pass the check.
Best practices cannot be retrofitted back into an existing collection.