HOWTO: Install AIX PDF Print E-mail
User Rating: / 31
PoorBest 
Written by Michael Felt   

Security

Image

For an initial install the defaults are probably fine, but let's take a peek.
Option 3 please.

Security Models

Image
Do not start with Trusted AIX. That is an advanced topic we shall cover on another day. Since we are
looking at options - Option 2 please.

Standard Security Options

Image

Defaults are all No - and we shall leave them at No.
Option 1. "Secure by Default" installs less of AIX than usual - being more secure than installing everything. Also, "Secure by Default" calls AIX Security Expert during the
first boot to do some automatic system hardening.
Option 2. "CAPP and EAL4+ Configuration Install" - Controlled Access Protection Profile and
European Audit Level 4 with some additions. This used to be known as C2 (from Orange Book days) Security.
http://www.commoncriteriaportal.org/files/ppfiles/capp.pdf
http://publib.boulder.ibm.com/infocenter/aix/v6r1/topic/com.ibm.aix.security/doc/security/capp_eal4plus.htm
http://en.wikipedia.org/wiki/Evaluation_Assurance_Level
Option 3. Trusted Computing Base Install. This is the old TCB install. Great in it's day - we do not want it now.
Instead, for AIX 6 and AIX 7 we will use the default TE, Trusted Execution. Note: if you are installing AIX4 or AIX5
the steps are nearly identical - the options for step 3 are different. I used to recommend installing TCB for AIX4
and AIX5 - but that prevents a clean migration from AIX5 to AIX6 and higher (neither TE nor efs (encrypted
file systems) will install. I have also had problems with the new pconsole on migrations from AIX 5.2 and AIX 5.3.
For AIX6 and higher I highly recommend a "New and Overwrite" install - see above please.
Use option 0 now (Continue to more software options)


 
< Prev   Next >
Login