Security Issues

Customer protections which iCAP assumes to be in place

Instant Capacity commands provide system status information and facilitate system configuration modification, and are therefore executable only by users with root level access. An assumption is made that there exist administrative policies which exercise the appropriate degree of control over root level access.

Disabling the iCAP daemon (HP-UX)

On a system with full usage rights (no iCAP components), you can disable the iCAP daemon (icapd) by commenting out its entry in the /etc/inittab system file, resetting the init task (init -q), and killing icapd via kill -9or kill -s SIGTERM.

Note that disabling the daemon in this way on an iCAP or GiCAP system is a violation of the iCAP contract with HP. After 12 to 24 hours, the system goes out of compliance and an exception notification email is sent. Also, other partition management software cannot determine whether the system contains iCAP components and, as a result, refuses to manage any components that are present.

Customer Security Requirements

The Instant Capacity software is designed to provide maximum protection for sensitive customer information. It follows these customer security requirements:

Sensitive customer data (names, phone numbers, email addresses, hostnames, IP addresses) is not transmitted to HP.

There are no transmissions of authentication credentials in clear (nonencrypted) text.

Nonsuperuser access to iCAP commands and data is not allowed.

Confidential information is encrypted when transmission is required.

Appropriate protections are accorded to confidential data and authentication credentials.

Security Tuning Options

Instant Capacity asset reporting (via email to HP) is optional and is turned off by default. Customers can enable asset reporting by executing the icapnotify -a on command.

208 Special Considerations

Page 208
Image 208
HP Instant Capacity (iCAP) manual Security Issues, Customer protections which iCAP assumes to be in place