- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Security Products on HP-UX
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 07:23 PM
тАО05-05-2004 07:23 PM
I need info on how/why HP-UX is a better OS compared to AIX, Solaris etc, especially in the security space.
I have seen a couple of whitepapers about the security offerings on HP-UX but none containing a competitive analysis.
Any pointers would be of great help.
Regards,
Swetha.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 07:37 PM
тАО05-05-2004 07:37 PM
Re: Security Products on HP-UX
Also this thread might be interesting to you:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=426710
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 07:43 PM
тАО05-05-2004 07:43 PM
Re: Security Products on HP-UX
Below you find some security products. Docs can be found at http://www.docs.hp.com/hpux/internet/index.html
HP Bastille
http://www.software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA
Secure Shell
http://www.software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA
More,
http://www.software.hp.com/portal/swdepot/displayProductsList.do?category=ISS
Hope this helps,
Robert-Jan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 07:50 PM
тАО05-05-2004 07:50 PM
Re: Security Products on HP-UX
are you asking about how secure the platform, HP-UX compares against the other platform, e.g. AIX, Solaris, LINUX?
regards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 07:54 PM
тАО05-05-2004 07:54 PM
Re: Security Products on HP-UX
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J5083AA
IpSec
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4256AA
Security Patch Check(comes with Bastille)
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
Strong really random number generator
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I
Don't forget two education offerings:
Practical Network & Unix SEcurity
Internet Security
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 08:14 PM
тАО05-05-2004 08:14 PM
Solutionhttp://www.boran.com/security/it15-os-overview.html
This has a nice summary of security levels (eg, c1, c2, b1 and b2 - in increasing order of more secure) against which OS can do them. Then you need to investigate which level SunOS, AIX and HPUX can do. Basically all can do C2, Sun and HP have a variant which can do the much more secure B1, cant see AIX on there (above C2).
Cheers,
Stefan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 08:15 PM
тАО05-05-2004 08:15 PM
Re: Security Products on HP-UX
This link may help you.
http://www.hp.com/products1/unix/operating/security/index.html#hpux11i_system
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-05-2004 08:22 PM
тАО05-05-2004 08:22 PM
Re: Security Products on HP-UX
NSA (National Security Agency)
document: Information Systems Security: Product and Services Catalog
But the one I posted is old - 1995. There is surely updated versions but you must purchase them from the NSA (thats why theyre not freely available on the web) - theyre cheap though. Check it out here;
http://www.boran.com/security/nsapubs.txt
Unless someone has an updated version they can post here ?
Obviously this sort of Unix security comparison requries a lot of work thats why the NSA charge for the results.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-06-2004 09:22 AM
тАО05-06-2004 09:22 AM
Re: Security Products on HP-UX
http://h71028.www7.hp.com/enterprise/downloads/unix_ranking.pdf
and
http://whitepapers.zdnet.co.uk/0,39025945,60044220p-39000571q,00.htm
DH Brown evaluated OSes including Solaris, AIX, and HP-UX against 5 categories, including Security Services, and gave HP-UX top scores in all categories.
The report's a bit dated, but I believe it's DH Brown's most recent UNIX Function review.
HP-UX has added a number of security features since that evaluation, further strengthening our offering (Security Patch Check, Bastille, Install Time Security, executable stack protection and more were added after the DH Brown evaluation, and many other security features were enhanced since then as well, including even more LDAP integration, improvements to IPFilter and Host Intrusion Detection and others mentioned in the HP URLs listed in earlier messages).
John
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-06-2004 10:58 AM
тАО05-06-2004 10:58 AM
Re: Security Products on HP-UX
But, on the downside (sorry):
C2 is a great idea, but not that many applications support it. System calls to get/set the password entry change from getpwent to getprpwent - not many applications take this into account, and so fail authentication. Caution is advised.
By default, there is no shadow password file, so it is possible to extract the encoded passwords. This is a *real* pain. HP did bring this functionality out as a patch, but last time I looked at it it didn't support NIS (cringe) or LDAP. Again, a bit of a pain if you use those services.
IDS is sort of OK, but I personally found it a bit cumbersome, and the more systems you had the more cumbersome it became to try and keep on top of it all. There are other alternatives to system monitoring out there (tripwire, Axent ESM etc etc) that may be more useful.
Some of the default ndd settings are a little odd, and need to be modified to circumvent not only malicious attacks but mis-behaving applications too.
Any system, when it comes to security, is only as good as its configuration. Some of the extra tools can be dangerous to your security if you are not careful (ie sudo - great to log who does what as root rather than log in as root themselves, but a slight mis-configuration can grant anyone root access without a password).