The install-time security options allow you to
configure an HP-UX Bastille security lockdown engine, which can include
an HP-UX IPFilter firewall. After system installation is complete,
it will have one of the preconfigured levels of security.
During installation, you can choose from four
preconfigured levels of security:
- Sec00Tools
Install the security infrastructure but without enabling
optional security features. This is the default.
- Sec10Host
Install a host-based lockdown system, without HP-UX
IPFilter firewall configuration. With this level of security, most
network services are disabled. These services can be reinstated by
running the bastille(1M) command.
- Sec20MngDMZ
Install a managed lockdown system that blocks most
incoming traffic with an HP-UX IPFilter firewall.
- Sec30DMZ
Install a DMZ Full lockdown system, which is a host-based
and IPFilter network lockdown. HP-UX IPFilter blocks almost all incoming
connections.
For information on HP-UX Bastille, see Chapter 3. For information on HP-UX IPFilter, refer to
the HP-UX IPFilter Administrator's Guide at:
http://www.docs.hp.com/en/internet.html#IPFilter
Printable version
