Support User Manuals

HP (Hewlett-Packard) 5187-2725 Server User Manual

Open as PDF

of 188

Choosing a Migration Path

Install-time Security Considerations

Chapter 248

e. Manual action may be required to complete configuration. See

/var/opt/sec_mgmt/bastille/TODO.txt for more information, after install or

update.

Table 2-5 Additional Sec30DMZ Install-time Security Settings

a

Category Actions

IPFilter

Configuration

b

Includes all IPFilter settings in Table 2-4 and:

Block incoming HIDS agent connections

c,d

Block incoming WBEM connections

e

Block incoming web admin connections

Block incoming web admin autostart connections

Block all traffic except HP-UX Secure Shell

a. Applies all security configuration settings in Table 2-3 and Table 2-4

b. IPFilter rules are applied via a custom rules file located at

/etc/opt/sec_mgmt/bastille/ipf.customrules

c. Settings only applied if software is installed

d. HP-UX Host IDS is a selectable software bundle and only available for commercial

servers

e. WBEM is required for several HP management applications including

ServiceControl Manager and ParMgr

previous next