Security this year has become even more important with all the viruses that have been spread throughout the Internet. HP-UX 11i has Internet-ready security out of the box by adding security applications that are part of all the operating environments. The host intrusion-detection software (IDS/9000) is able to detect intrusions that are normally undetected, such as buffer overflows, file system violations, and vulnerability probing. After an intrusion is detected, IDS/9000 can send alerts immediately and creates audit events.
Another important security feature that is built into the 11i operating environment is buffer overflow protection. HP has a unique implementation of this feature because it can be implemented on a program-by-program basis. This is important because other UNIX variants can implement it only on a system-wide basis, which can cause compatibility issues in many applications. HP also includes IP security with a product called IPSec/9000. In addition to providing authentication with IKE support, this product offers protection against spoofing and packet tampering.
For host firewall protection, HP now offers IPFilter/9000, which is a port of the BSD IPFilter program. This program provides filtering for the protection of the particular host on which it runs. It is capable of protecting a host from network attacks. This software greatly benefits a company when vulnerable to viruses because can proactively monitor, detect, and respond to attacks within a network.