HP-UX 11i Protected Systems Web Server

Many customers use the HP-UX platform to provide Web services. A Web server platform faces a wide range of threats because it is exposed to hostile traffic from the Internet. The introduction of IT regulation and government compliance measures has increased the importance of Web server solutions that include high levels of security and privacy protection.

Although standard HP-UX offers security mechanisms that can increase the security of a Web server, configuration can be time consuming and requires a high degree of security knowledge. The PS-Webserver starts with HP-UX and includes those security mechanisms that add value and reduce risk to configure a system tailored to serve as a secure front-end Web server.

The PS-Webserver includes HP-UX Security Containment, a next-generation security technology. Security Containment supports distinct separation, or compartmentalization, of processes while enabling you to define acceptable information flows between compartments. You can write rules for a compartment to control access to resources like files and directories.

HP-UX 11i security

Downloads

White papers

PS-Webserver offers the following business benefits:

• With a preplanned usage target, as a web server, system development, installation and maintenance time and effort is reduced.
• The quality and effectiveness of a secure Web Server is increased because it is built by HP and factory integrated with the HP-UX 11i operating environment.
• The latest HP-UX 11i security technologies are architected and integrated into the system by HP and do not have to be developed by a third-party integrator.
• The system can be used in a Virtualized Server Environment (VSE) or in a single system environment. All the advantages of HP-UX 11i are available with the use of PS-Webserver.
• The PS-Webserver is available at no additional charge to users of HP-UX 11i. It is also supported at no additional charge under the terms of the HP-UX 11i support agreement.
• The business benefits lower the total cost of ownership (TCO) by installing a preplanned usage target, as a web server, increasing time to market, reducing acquisition and support cost, potentially reducing server cost by server consolidation with VSE, reducing costs associated with the effects of damaging security vulnerabilities, and reducing regulatory security compliance costs.

PS-Webserver offers the following system features and benefits:

• Elimination of resources and services that are not needed in a secure Web services environment
• Secure run-time environment, including compartmentalization of resources
• Isolated compartments separating Internet and intranet activity (HP-UX Security Containment product)
• Controlled authorization and access to resources using role identification, controlling access to files and limiting the authority of the Apache application and others (HP-UX RBAC product)
• Fine-grained privilege adjustments based on Web server-centric roles, limiting the application’s ability to access inappropriate resources (HP-UX Containment product)
• Integrated auditing, audit configuration, and audit data review tools (HP-UX Auditing product) 
• Online intrusion detection, intrusion alerts, and intrusion review tools (HP-UX HIDS product)
• Execution of multiple instances of Apache in separate and isolated compartments.

Inside and outside compartments separate traffic and contain risk

By using the security containment compartments, the PS-Webserver creates outside compartments to talk to traffic on the external network, the Internet. And uses inside compartments to process internal traffic on the Intranet which is isolated from outside vulnerabilities and threats.