Professional Documents
Culture Documents
AN58G1 Quick View With Full Toc
AN58G1 Quick View With Full Toc
cover
Front cover
Course Quick View with Full TOC
Implementing AIX 7 Security
Course code AN58G ERC 1.0
V11.0
Contents
TOC
Contents
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Course description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Agenda . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
TMK
Trademarks
The reader should recognize that the following terms, which appear in the content of this training
document, are official trademarks of IBM or other companies:
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business
Machines Corp., registered in many jurisdictions worldwide.
The following are trademarks of International Business Machines Corporation, registered in many
jurisdictions worldwide:
AIX 6™ AIX® DB2®
GPFS™ Notes® OS/400®
Power Systems™ Power® PowerPC®
pureScale® Tivoli®
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other
countries, or both.
Java™ and all Java-based trademarks and logos are trademarks or registered trademarks of
Oracle and/or its affiliates.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Social® is a trademark or registered trademark of TWC Product and Technology, LLC, an IBM
Company.
Other product and service names might be trademarks of IBM or other companies.
pref
Course description
Implementing AIX 7 Security
Purpose
This course is designed to help implement a security policy in an AIX environment. Students learn
the security features of AIX including administrative commands and components such as
role-based access control and Trusted Execution to secure the operating environment from security
threats.
Audience
This course is intended for persons who:
• Want to learn what the security mechanisms are in an AIX system
• Will plan, implement, or distribute a security policy in AIX
The audience for this training includes:
• AIX technical support individuals
• System administrators
• System architects
Prerequisites
Students should have basic AIX administration experience. The AIX prerequisite may be met by
attending one of the two following classes or having equivalent AIX skills:
• AN10G AIX Basics
• AN14G Jumpstart for UNIX Professionals
• Some knowledge of VIO LPARs is required. This prerequisite could be met by attending the
following class or having equivalent skills.
▪ AN30G Power Systems for AIX - Virtualization I: Implementing Virtualization
pref
Objectives
• Describe security threats to a computer system
• Describe the AIX commands and components for AIX system security
• Configure the role-based access control (RBAC) feature
• Implement encrypted file systems
• Implement the Trusted Execution feature
• Centralize security with LDAP
• Implement the AIX installation time options of Secure by Default and Trusted AIX
pref
Agenda
Day 1
(00:30) Welcome
(01:00) Unit 1 - Introduction to AIX security features
(00:30) Exercise 1 - Security in an IT environment
(01:30) Unit 2 - AIX base system security
(01:30) Exercise 2 - AIX base system security
Day 2
(02:00) Unit 3 - Implementing role-based access control
(01:00) Exercise 3 - Implementing role-based access control
(01:00) Unit 4 - Implementing encrypted file systems
(01:00) Exercise 4 - Implementing encrypted file systems
(01:00) Unit 5 - Implementing Trusted Execution
Day 3
(01:00) Exercise 5 - Implementing Trusted Execution
(01:30) Unit 6 - Centralizing security with LDAP
(01:30) Exercise 6 - Centralizing security with LDAP
(01:00) Unit 7 - AIX install time security options
(01:00) Exercise 7 - AIX install time security options
Uempty
Overview
This unit reviews the security exposures in an IT environment.
References
AIX 7.1 Security
http://www.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.
aix.security/security-kickoff.htm
AIX 7.2 Security
http://www.ibm.com/support/knowledgecenter/ssw_aix_72/com.ibm.
aix.security/security-kickoff.htm
.
Uempty
Overview
This unit discusses the AIX facilities that address potential issues in the AIX base system security
when configured without security in mind.
Uempty
Overview
This unit is about the role-based access control (RBAC) facility of AIX. You learn how it works and
how to configure it.
Uempty
Overview
This unit explains the components and configuration of the encrypted file system (EFS) feature.
The encrypted file system enables individual users on the system to encrypt JFS2 file system files
on disk.
References
AIX 7.2 Security
http://public.dhe.ibm.com/systems/power/docs/aix/72/security_pdf.pdf
AIX 7.1 Security
http://public.dhe.ibm.com/systems/power/docs/aix/71/security_pdf.pdf
.
Uempty
Overview
This unit discusses how to implement the Trusted Execution feature in AIX.
References
IBM Knowledge Center, Trusted Execution
http://www.ibm.com/support/knowledgecenter/ssw_aix_72/com.ibm.aix.security/bos_trusted_exec
ution.htm
SG24-7430 AIX 6.1 Advanced Security Features Introduction and Configuration,
Chapter 4
http://www.redbooks.ibm.com/redbooks/pdfs/sg247430.pdf
.
Uempty
Overview
This unit discusses how to implement LDAP.
Uempty
Overview
This unit discusses security options that can be set only at the time you install AIX.
References
AIX 7.1 Security
http://www.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.aix.security/security-kickoff.htm
AIX 7.2 Security
http://www.ibm.com/support/knowledgecenter/ssw_aix_72/com.ibm.aix.security/security-kickoff.htm
SG24-7430-00 AIX 6 Advanced Security Features Introduction and Configuration
http://www.redbooks.ibm.com/abstracts/sg247430.html
The Orange Book Site
http://www.dynamoo.com/orange/summary.htm
The Common Criteria web site
http://www.commoncriteriaportal.org
.