HPE Community
Operating System - HP-UX
1836590 Members
1431 Online
110102 Solutions
New Discussion

Re: Security in VirtualVault

 
SOLVED
Go to solution
Simon_13
Occasional Contributor

‎01-09-2002 12:45 AM

‎01-09-2002 12:45 AM

Security in VirtualVault

Hello

I am working in a proyect to secure the Virtualvault web server, I'd like to know:

- If the certificates aren't used in the outside server the traffic could be encryted with the RSA keys or the traffic will be without encryt.
0 Kudos
Reply
3 REPLIES 3
Steven Sim Kok Leong
Honored Contributor

‎01-09-2002 03:05 AM

‎01-09-2002 03:05 AM

Re: Security in VirtualVault

Hi,

I am not sure about VirtualVault but for securing any webserver:

1) use SSL-based HTTP for encrypting traffic to and fro the client and webserver.

2) use SSL certificates for identification/non-repudiation of webserver and maintaining integrity of traffic transferred.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎01-09-2002 04:54 AM

‎01-09-2002 04:54 AM

Re: Security in VirtualVault

Simon,

In what ways are you trying to "secure" a already secure OS (Virtual Vault)?

Just six months ago, I replaced our 15+ Virtual Vaults with Bastion hosts. A Bastion Host, in my case HPux 9000's (10.20 and 11.x) running Iplanet, is a normal HPux host, but with most services shut off. It's a lot easier to develop on a normal host, and you don't have to worry about the stupid Virtual Vault TGP (Trusted GateWay Proxy) dying!!!

You can find bastion host info here (GREAT PAPER):
http://people.hp.se/stevesk/bastion.html

Another thing, VV is a dead product. HP doesn't even use it!!! And support for the product sucked!!!!


live free or die
harry
Live Free or Die
0 Kudos
Reply
Peter Cvar
Occasional Advisor

‎01-10-2002 12:06 AM

‎01-10-2002 12:06 AM

Solution

Re: Security in VirtualVault

I don't agree that VirtualVault is a dead product. VV is mainly used for Banks and other strongly secured E-commerce systems. Bastion host can't be a replacement for VirtualVault. In the last year HP released latest Virtual Vault 4.5 version with Apache Web Server.

I agree with Harry that support for VirtualVault is not as good as it should be. There are't many VirtualVault experts. VV is very complex to configure (especially if you use cryptographic HW accelerators) and the price is quite high.

Simon, you should use SSL and certificates to secure traffic on the outside Web Servers. You can test this with trial certificates. You can get them from Verisign for free.

Regards,
Pete
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.