- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Any comment on CA eTrust
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-21-2004 03:31 PM
тАО04-21-2004 03:31 PM
I would like to seek advise and comment on CA eTrust products (e.g. Access Control, Vulnerability Manger, etc) running on HP-UX 11.0.
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-21-2004 04:21 PM
тАО04-21-2004 04:21 PM
Re: Any comment on CA eTrust
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-21-2004 05:34 PM
тАО04-21-2004 05:34 PM
SolutionAccess Control does more than just the password security for the system, (and doesn't have to do password aging if you don't want it to.) It has a 'tripwire' type function where it will block execution of a script if the script changes. (Like a suid script that has changed...) You can do root (and other privledged) user provisioning. (Similar to sudo.) They also have a 'su' function which allows you to grant privledged user access without giving out the password. Access Control runs very well on HPUX. The just released eAC 5.3 works very well. (We installed pre-release.) It doesn't hook into the kernel as deep as older versions did.
Policy Compliance works very well on an OS. It runs as an agent on your HPUX machine. It looks at things like file permissions, network permissions, user settings, etc. I hear that Policy Campliance and Vulnerability Manager are merging in to the same product eventually. If you have no idea what kinds of files and permissions are on your system, and don't have the time to sit and write scripts, then policy compliance will quickly show you where the problems are.
We have had some issues with the Firewall product, but many of them have been resolved. I don't have much to say about the Firewall product past saying it's a host based firewall. (A firewall is a firewall. Not much else to say, really.) The Administration GUI for the Firewall product is very nice to have, however. You can administer all host firewall from the same place, and it is very easy to create rules, view the traffic, view what is being blocked by the filewall, etc. It also has a nice report feature allowing you to run reports on traffic or denial history...
I would encourage you to either get training or professional services for the Access Control product before installing and implementing. You do not want to proceed without understanding what you are doing.
Did you have any more specific questions?
Hope it helps
John
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-22-2004 02:00 PM
тАО04-22-2004 02:00 PM
Re: Any comment on CA eTrust
About the 'su' function, is it look like the RSAM in HP-UX (no RSAM similar function in AIX).
I have heard that the eTrust has performance problem in HP-UX, is it resource demanding?
Besides password security and grant users privilege, any other features which Access Control is good at. Can it used as centralized password change of user account?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2004 03:32 AM
тАО04-23-2004 03:32 AM
Re: Any comment on CA eTrust
We are using Access Control for our password policies / aging / syncronizing. (I change my password on one machine, it gets changed on all other Unix/Linux machines.
We did see some performance issues on our very busy web servers, but there were some settings we changed in Access Control to do some tuning, and the performance issues went away. (Like a year ago...)
We use it to protect files (like suid) on the systems also.
Hope it helps
John