AIX Security Expert

AIX® Security Expert provides a center for all security settings (TCP, NET, IPSEC, system, and auditing).

AIX Security Expert is a system security hardening tool. It is part of the bos.aixpert fileset. AIX Security Expert provides simple menu settings for High Level Security, Medium Level Security, Low Level Security, and AIX Standard Settings security that integrate over 300 security configuration settings while still providing control over each security element for advanced administrators. AIX Security Expert can be used to implement the appropriate level of security, without the necessity of reading a large number of papers on security hardening and then individually implementing each security element.

AIX Security Expert can be used to take a security configuration snapshot. This snapshot can be used to set up the same security configuration on other systems. This saves time and ensures that all systems have the proper security configuration in an enterprise environment.

AIX Security Expert can be run from SMIT, or you can use the aixpert command.

AIX Security Expert settings
The following coarse-grain security settings are available:
    High Level Security: High-level security
    Medium Level Security: Medium-level security
    Low Level Security: Low-level security
    Advanced Security: Custom user-specified security
    AIX Standard Settings: Original system default security
    Undo Security: Some AIX Security Expert configuration settings can be undone
    Check Security: Provides a detailed report of current security settings

AIX Security Expert security hardening
Security hardening protects all elements of a system by tightening security or implementing a higher level of security.

Secure by default
Secure By Default (SbD) is the concept of installing a minimal set of software in a secure configuration.

Distributing security policy through LDAP
LDAP can be used to distribute AIX Security Expert XML configuration files.

You can use AIX Security Expert to copy a security configuration from one system to another. This allows for similar systems to have the same security configuration. This consistency can reduce security vulnerabilities.

Customizable security policy with user-defined AIX Security Expert XML rules
You can use XML files to configure unique security policies.

Stringent check for weak passwords
This AIX feature checks for weak passwords when passwords are changed. If this option is selected with AIX Security Expert, this additional password check is performed when a user selects or changes their password. This check guards against the use of English dictionary words and the 1000 most common US first names based on a recent US Census.

COBIT control objectives supported by AIX Security Expert
AIX Security Expert supports the SOX-COBIT Best Practices Security level in addition to the High, Medium, Low, AIX Default and Advanced Security settings.

Applying COBIT control objectives using AIX Security Expert
You can use the aixpert -l s command to apply the SCBPS level to the system. The audit log for this can be generated by turning on the AIXpert_apply event. Any failures (either a prerequisite failure or an apply failure) are reported to stderr and the audit subsystem if enabled.

SOX-COBIT compliance checking, audit, and pre-audit feature
You can use the aixpert -c -l s command to check a system's SOX-COBIT compliance. AIX Security Expert only checks for the supported control objectives compliance. Any violations found during the checking are reported. By default, any violations are sent to stderr.

AIX Security Expert Password Policy Rules group
AIX Security Expert provides specific rules for password policy.

AIX Security Expert User Group System and Password definitions group
AIX Security Expert performs specific actions for user, group, and password definitions.

AIX Security Expert Login Policy Recommendations group
AIX Security Expert provides specific settings for login policy.

AIX Security Expert Audit Policy Recommendations group
AIX Security Expert provides specific audit policy settings.

AIX Security Expert /etc/inittab Entries group
AIX Security Expert comments out specific entries in /etc/inittab so that they do not start when the system boots.

AIX Security Expert /etc/rc.tcpip Settings group
AIX Security Expert comments out specific entries in /etc/rc.tcpip so that they do not start when the system boots.

AIX Security Expert /etc/inetd.conf Settings group
AIX Security Expert comments out specific entries in /etc/inetd.conf.

AIX Security Expert Disable SUID of Commands group
By default, the following commands are installed with the SUID bit set. For High, Medium, and Low security, this bit is unset. For AIX Standard Settings, the SUID bit is restored on these commands.

AIX Security Expert Disable Remote Services group
AIX Security Expert disables unsecure commands for High Level Security and Medium Level Security.

AIX Security Expert Remove access that does not require Authentication group
AIX supports few services that do not require user authentication to log into the network.

AIX Security Expert Tuning Network Options group
Tuning network options to the proper values is a large part of security. Setting a network attribute to 0 disables the option and setting the network attribute to 1 enables the option.

AIX Security Expert IPsec filter rules group
AIX Security Expert provides the following IPsec filters.

AIX Security Expert Miscellaneous group
AIX Security Expert provides miscellaneous security settings for High, Medium, and Low Level Security.

AIX Security Expert Undo Security
You can undo some AIX Security Expert security settings and rules.

AIX Security Expert Check Security
AIX Security Expert can generate reports of current system and network security settings.

AIX Security Expert files
AIX Security Expert creates and uses several files.

AIX Security Expert High level security scenario
This is a scenario for AIX Security Expert High level security.

AIX Security Expert Medium level security scenario
This is a scenario for AIX Security Expert Medium level security.

AIX Security Expert Low level security scenario
This is a scenario for AIX Security Expert Low level security.
