Security


Quick Links:

Enhanced Security/Trusted Operating System
Standard Security


Enhanced Security/Trusted Operating System

NOTES Tru64 UNIX V5.1x
Enhanced Security
HP-UX 11i v2
Trusted HP-UX
Compliance ITSEC E2/C2 ITSEC E3/C3 CC CAPP EAL4
Password Rules
  1. Passwords longer than eight characters
  2. Passwords complexity checking (forces users to use unrecognizable strings)
  3. Password reuse checking
  4. Password life cycle management
  1. Passwords longer than eight characters
  2. Passwords complexity checking (forces users to use unrecognizable strings)
  3. Password reuse checking
  4. Password life cycle management
Login Controls
  1. Limit hours of access
  2. Prevent suspicious access during off-hours
  3. Prevent suspicious access from remote locations
  1. Limit hours of access
  2. Prevent suspicious access during off-hours
  3. Prevent suspicious access from remote locations
Kerberos Client Support Supports MIT and Windows 2000 Kerberos Domain Controllers

Tru64 UNIX Enhanced Security allows creation and management of UNIX user information in Windows 2000 Active Directory

Available as separate product
Kerberos Domain Controller Support Not available Available as separate product
Directory-based Authentication
and Name Resolution
Primary LDAP or NIS servers;
YPLDAP not available.
Name Service Switch (NSS) implemented using /etc/svc.conf.
Name Service Switch (NSS) available; features include:
  1. /etc/passwd file lookup
  2. /etc/group file lookup
  3. NFS Automounter lookup
  4. sendmail alias lookup

Standard Security

NOTES Tru64 UNIX V5.1x HP-UX 11i v2
Limited Superuser Access Division of Privileges Restricted SAM
Network Information Service (NIS) Supported Supported
Access Control Lists Supported on all supported file systems:
getacl, setacl
Journaled File System (JFS):
getacl, setacl

High Performance File System (HFS):
lsacl, chacl