networksecurityfeaturesofhp-ux(编辑修改稿)

networksecurityfeaturesofhp-ux(编辑修改稿)内容摘要：

hestperformance implementation of cryptographic algorithms in software and hardware  Multiple cryptographic toolkits and APIs  Implementation of SOCKS, Version 5 HP is mitted to maintaining and increasing its leadership position. In the near future, HP will focus its efforts in the following areas: centralized authentication in heterogeneous works, interoperable directorybased management of security policies, fast cryptography for end customers and application developers, and platform protection through the use of system firewalls, OS hardening, and intrusion detection. Network security is an HP core petency. Furthermore, HP39。 s products in the security area will leverage its other core petencies, including superior performance, high availability, HPUX/NT interoperability, and work management, in order to provide the best security solutions for HP customers. A secure work depends on cryptography. Cryptography, however, is putationally intensive and may hinder overall work performance. Good cryptographic performance, however, was a key requirement for HP39。 s work security solutions. HPUX 11i features a choice of cryptographic APIs and toolkits for 1 199920xx Operating System Function Review, by . Brown Associates, Inc Network Security Features of HPUX 11i 6 application developers, as well as the fastest implementations of cryptographic algorithms, in both software and plugin hardware accelerators. HPUX servers and workstations equipped with these work security features will enhance the overall security of heterogeneous works, where they can interoperate with a broad variety of other platforms, such as Windows 20xx hosts or other Unix systems. Network Security Features of HPUX 11i 7 Network Security Technologies and Solutions As the Inter expands, more and more panies are utilizing it to broaden their enterprise work to include their remote employees and business partners. Through the Inter, corporations can exchange information, services, and goods on a global basis. Companies are no longer confined by their physical boundaries. Instead, efficient and secure work munication is being vital to meet their fastgrowing business needs. Network security refers to the protection of data items municated through the work, whether it be the Inter or a pany intra. Without appropriate attention to work security, any IP packet sent through the work, may be:  Modified in transit (maninthemiddle2),  From a different source than it appears to be from (spoofing),  A part of a deliberate attack (denial of service), or  Intercepted (eavesdropping) In the new environment, the Inter is a shared work infrastructure — one opens to public attacks. There are more than 20,000 aggressive and destructive hackers in the US, according to The Financial Times, and the number is growing at five percent per month. The results of the ―20xx Computer Crime and Security Survey‖ 3 show that niy percent of survey respondents (primarily large corporations and government agencies) detected puter security breaches within the last twelve months. Fortytwo percent of the survey respondents (273 anizations) reported $265,589,940 in financial losses. In addition to external threats, panies are also vulnerable from the inside. According to the FBI, the overwhelming majority (eightypercent) of security breaches occur as the result of internal attacks. Therefore, a pany needs strong and costeffective security mechanisms to safeguard every aspect of its business work environment. 2 See the Glossary for more details on maninthemiddle attacks 3 Issues and Trends: 20xx CSI/FBI Computer Crime and Security Survey, from the Computer Security Institute (CSI), dated March 22, 20xx Network Security Features of HPUX 11i 8 As shown in the Figure 1, there are many work security technologies available at different layers of a puter system. They provide a similar set of security services: authentication, confidentiality, and data integrity protection. Figure 1: Security Technologies In this section, the security technologies available for HPUX 11i timeframe are discussed. They are Inter Protocol Security Architecture (IPSec), Packet filtering, SOCKS, Secure Sockets Layer (SSL), and Secure Shell (SSH). Inter Protocol Security Standard ─ IPSec IPSec uses encryption to protect against eavesdropping and tampering and uses authentication to guard against attacks launched from inside or outside of a corporate firewall. IPSec consists of a family of interrelated protocols from the Inter Engineering Task Force (IETF). These protocols add authentication and encryption to IP munications. IPSec operates at layer 3 of the TCP/IP stack (see Figure 1) and by using the rulebased IPSec。