Systems controlled by policy considerations

Consider this information before installing and using Secure Perspective.

AIX

Using Secure Perspective to control an AIX® system gives policy-based resource access control over files. When applying a policy to an AIX system, the files mapped to resource terms are given new NFS4 access control lists (ACLs). When files are evaluated for their compliance with a policy, the ACL for each file is examined to determine if it grants the access specified by the policy. If the ACL is not of the NFS4 type, the compliance report indicates that the file might be out of compliance because the exact level of user access cannot be determined.

For AIX to secure a file using an NFS4 ACL, the file must reside in a JFS2 file system created with extended attributes version 2. However, when Secure Perspective removes the application of a policy, the previous ACL is restored, regardless of whether that ACL was of type AIXC or NFS4.

The Secure Perspective Agent for AIX must be installed on any AIX system that will be controlled by Secure Perspective. The agent installer can be found on CD 2 and must be installed by the root user.

System i®

System i has no considerations.

Windows

The Secure Perspective agent for use with the Windows operating system must be installed on any Windows system that will be controlled by Secure Perspective. The agent installer can be found on the Secure Perspective installation CD 2, and must be installed by the administrator profile.

DB2

The DB2® system controller has a few unique characteristics that it is important to understand to make the best use of Secure Perspective. These are as follows:
  1. Ability to control system-level authorities.
  2. Unique behavior toward the user whose credentials are used to apply policy.
  3. Retrieval only of users who have authority on the system.