Manualshelf

XYGATE Compliance PRO (XSW) Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
271272273274275276277278279280
XYPRO Technology Corporation 257 Proprietary and Confidential
Glossary
Some specialized terms are used in XSW. Terms in bold font are defined in this
section.
ACCESS MAP
Access mapping provides a way to discover which users can do what to which files
based on Guardian, Safeguard, and XOS security implementations and which users
can execute which ACACL Command entries in XAC.
ALTERNATE TAB
Alternate views of security rules are available on tabs via the treeview. These tabs can
be used or custom tabs created.
ATTRIBUTE
An attribute is a specific characteristic of a security rule entity which can be tested by
XSW. For example, if the security rule entity is Safeguard Globals, the values of the
ACL Required fields within the globals forms a specific attribute. Attributes are
displayed according to the security rule entities for which they are defined.
AUDIT
The SWCONF file keyword used to determine the audit file specifications.
BEST PRACTICE
Best Practices are a set of policies that have been defined by XYPRO in accordance
with the security principles laid out in the books HP NonStop Server Security: A
Practical Handbook and Securing HP NonStop Servers in an Open Systems World:
TCP/IP, OSS & SQL (refer to “Best Practices” on page xiv for ISBNs). In general, a
Best Practice policy deals with how a single file or small set of files should be secured
or configured.
For example, a Best Practice policy from the book states that there must be a
SAFE.GUARD file for each disk. The Best Practice database in XSW will have an
entry that shows that object $?.SAFE.GUARD using the operation EXIST must have an
outcome of YES. When executed, the XYGATESW module that creates the Best
Practice will look for a SAFE.GUARD file on each disk, making as many Best Practice
policy entries as there are disks on the system. For each disk, if the SAFE.GUARD file
is found, then the Best Practice will be marked YES and have a STATUS of PASS. If it
is not found, then it will be marked NO and have a status of FAIL.