HOWTO: Install AIX PDF Print E-mail
User Rating: / 31
Written by Michael Felt   



For an initial install the defaults are probably fine, but let's take a peek.
Option 3 please.

Security Models

Do not start with Trusted AIX. That is an advanced topic we shall cover on another day. Since we are
looking at options - Option 2 please.

Standard Security Options


Defaults are all No - and we shall leave them at No.
Option 1. "Secure by Default" installs less of AIX than usual - being more secure than installing everything. Also, "Secure by Default" calls AIX Security Expert during the
first boot to do some automatic system hardening.
Option 2. "CAPP and EAL4+ Configuration Install" - Controlled Access Protection Profile and
European Audit Level 4 with some additions. This used to be known as C2 (from Orange Book days) Security.
Option 3. Trusted Computing Base Install. This is the old TCB install. Great in it's day - we do not want it now.
Instead, for AIX 6 and AIX 7 we will use the default TE, Trusted Execution. Note: if you are installing AIX4 or AIX5
the steps are nearly identical - the options for step 3 are different. I used to recommend installing TCB for AIX4
and AIX5 - but that prevents a clean migration from AIX5 to AIX6 and higher (neither TE nor efs (encrypted
file systems) will install. I have also had problems with the new pconsole on migrations from AIX 5.2 and AIX 5.3.
For AIX6 and higher I highly recommend a "New and Overwrite" install - see above please.
Use option 0 now (Continue to more software options)

< Prev   Next >