Implementing EAGLE Security

Managing User IDs and Passwords

User IDs and passwords protect the system from unauthorized entry. To enter the system through a terminal, a user must enter a valid user ID/password combination at the system prompt. Up to 100 user ID/password combinations can be in use on the EAGLE. To maintain the security of the system, assign user IDs, passwords, and privileges to each user only as needed.

User IDs and passwords are not case sensitive.

User IDs must begin with an alphabetic character (a-z) and can contain up to 16 printable characters.

A password must not contain the associated user ID, and can contain up to 20 characters. A password must contain at least as many:

Characters as specified by the minlen parameter of the chg-secu-dflt command
Alphabetic characters as specified by the alpha parameter of the chg-secu-dflt command
Numeric characters as specified by the num parameter of the chg-secu-dflt command
Punctuation characters as specified by the punc parameter of the chg-secu-dflt command

These and other chg-secu-dflt command parameters can be used to change the global security settings for user IDs and passwords.

Managing Global Security Settings for User IDs and Passwords

Use the following commands to manage the global security settings for user IDs and passwords:

chg-secu-dflt

Table 4-1 shows the default value of each security parameter after EAGLE is installed, and the possible range for each parameter. Review and modify these settings as appropriate for your installation.

Table 4-1 Global Security Settings for User IDs and Passwords

Parameter	Default Value at Installation	Range	Description
:alpha	1	0-12	The minimum number of alphabetic characters (a-z) required in a password.
:minintrvl	1	0-30	The minimum number of days before a password can be changed again.
:minlen	8	1-20	The minimum number of characters required in a password.
:multlog	no	no, yes	Specifies whether a user ID can be logged into only one terminal at the same time (no) or into multiple terminals at the same time (yes).
:num	1	0-12	The minimum number of numeric characters (0-9) required in a password.
:page	90	0-999	The number of days that the password for a user ID can be used before the user must change their password. The value of this parameter applies to all EAGLE user IDs unless a different value is specified for a specific user ID with the `chg/ent-user` command.
:pchreuse	4	0-10	The number of characters from an existing password that cannot be reused when setting a new password.
:pgrace	3	0-7	The number of days after a password expires that a user can continue to log in without changing their password.
:pnotify	7	0-30	The number of days before a password expires that a user is notified about the expiration.
:preuse	5	0-12	The number of most recent previous passwords that cannot be reused when setting a new password.
:punc	1	0-12	The minimum number of punctuation characters (any printable non-alphanumeric character, such as $, %, @, #).
:ssh	on	off, on	Makes all of the IPS telnet terminals use SSH instead of plain telnet.
:uout	90	0-999	The number of consecutive days that a user ID can remain active in the EAGLE and not be used. When the user ID has not been used for the number of days specified, the user ID is no longer valid and the EAGLE rejects any attempt to log into the EAGLE with that user ID. The value of this parameter applies to all EAGLE user IDs unless a different value is specified for a specific user ID with the `chg/ent-user` command.

rtrv-secu-dflt
The rtrv-secu-dflt command displays the current values of the various security-related parameters that have been configured with the chg-secu-dflt command.

For more information about Changing the Security Defaults, refer to System Administration Procedures in Database Administration - System Management User's Guide.

Managing Users

Use the following commands to add users, modify users/access, and remove users:

ent-user

Use this command to add a user to the database.

By default, all users are assigned to the Basic command class only. Each user ID (uid) can also be assigned to one or more of the non-configurable command classes shown in Table 4-2.

The command class to which a user ID is assigned controls the set of system commands that the user can enter. Use the rtrv-cmd command to see the command classes to which commands are assigned.

Table 4-2 Adding Users to Non-Configurable Command Classes

ent/chg-user Parameter	Default Value	Range	Description
:uid		axxxxxxxxxxxxxxx	The user ID to be added to the database, beginning with an alphabetic character, up to a total of 16 characters.
:all	no	no, yes	The user has access to all commands in all non-configurable command classes (db, dbg, link, pu, sa, sys).
:db	no	no, yes	The user has access to all commands in the Database Administration command class.
:dbg	no	no, yes	The user has access to all commands in the Debug command class.
:link	no	no, yes	The user has access to all commands in the Link Maintenance command class.
:pu	no	no, yes	The user has access to all commands in the Program Update command class.
:sa	no	no, yes	The user has access to all commands in the Security Administration command class.
:sys	no	no, yes	The user has access to all commands in the System Maintenance command class.

chg-user
Use this command to change user access to commands, change user IDs, and change passwords.
dlt-user
Use this command to remove a user from the system database.

For more information about Adding a User to the System, Changing User Information, and Removing a User from the System, refer to System Administration Procedures in Database Administration - System Management User's Guide.

Configuring Command Classes

If the non-configurable command classes are too broad, the Command Class Management feature can be used. The Command Class Management feature is used to define up to 32 configurable command classes that contain selected commands, and these configurable command classes can then be assigned to users.

For more information about Configuring Command Classes, refer to System Administration Procedures in Database Administration - System Management User's Guide.

Managing Terminal Command Class Assignments

You can configure access rights for a terminal using the chg-secu-trm command, and display access rights for a terminal with the rtrv-secu-trm command. Access rights determine whether a terminal or port can be used to issue commands in the various command classes. This can be useful to restrict the types of commands that can be entered on an EAGLE terminal.

For additional information about Changing Terminal Command Class Assignments, refer to System Administration Procedures in Database Administration - System Management User's Guide.

Managing Security-Related Terminal Characteristics

Terminal characteristics related to security are set using the chg-trm command parameters shown in Table 4-3, and should be reviewed and modified as needed for your installation.

Table 4-3 Security-Related Terminal Characteristics

chg-trm Parameter	Default Value at Installation	Range	Description
:dural	0100 (1 minute, 0 seconds)	0-59 (ss) 0-5959 (mmss) 0-995959 (hhmmss)	Terminal lockout time. The length of time that a terminal is disabled after the login/unlock failure threshold (see mxinv) has been exceeded.
:mxinv	5 attempts	0-9	Login/unlock failure threshold. The number of login attempt failures or attempts to unlock a terminal that can occur on the terminal before the terminal is disabled.
:tmout	30 minutes	0-99	Maximum channel idle time. The maximum amount of time, in minutes, that a login session on the specified port can remain idle (that is, no user input) on the port before being automatically logged off.

chg-trm Parameter

Default Value at Installation

Range

Description

:dural

0100 (1 minute, 0 seconds)

0-59 (ss)

0-5959 (mmss)

0-995959 (hhmmss)

Terminal lockout time. The length of time that a terminal is disabled after the login/unlock failure threshold (see mxinv) has been exceeded.

:mxinv

5 attempts

0-9

Login/unlock failure threshold. The number of login attempt failures or attempts to unlock a terminal that can occur on the terminal before the terminal is disabled.

:tmout

30 minutes

0-99

Maximum channel idle time. The maximum amount of time, in minutes, that a login session on the specified port can remain idle (that is, no user input) on the port before being automatically logged off.

For additional information about Changing Terminal Characteristics, refer to System Administration Procedures in Database Administration - System Management User's Guide.

Managing Security Logs

EAGLE security logs collect information about commands that are issued on the EAGLE, such as user ID that issued the command, terminal on which the command was received, date/time that a command was received, and the result of the command execution. Use the following commands to manage EAGLE security logs:

rtrv-seculog
Use the rtrv-seculog command to display the contents of a security log.
copy-seculog
Use the copy-seculog command to periodically copy the contents of a security log to the file transfer area (FTA).

chg-attr-seculog

Use the chg-attr-seculog command to modify attributes that affect the operation of the security logging feature. As shown in Table 4-4, the upldalm and upslg parameters of the chg-attr-seculog command control whether security log alarms are used to assist in determining when to copy the contents of the security log to the FTA.

Table 4-4 chg-attr-seculog Parameters for Security Log Characteristics

Parameter	Default Value at Installation	Range	Description
upldalm	yes	yes, no	Specifies whether the security log alarms are on (yes) or off (no). The security log alarms are: upload required Indicates that the log has reached the threshold (set by the upslg parameter), at which point the log entries should be copied to the FTA of the fixed disk. log overflowed Indicates that the log is 100% full and log entries are being lost. The security log entries must be copied to the FTA of the fixed disk. standby log contains >0 un-uploaded entries Indicates that the log on the standby fixed disk contains entries that have not been copied to the FTA of the fixed disk.
upslg	90	1-99	The percentage of the maximum security log capacity at which the EAGLE generates the upload required security log alarm, if the upldalm=yes parameter has been specified.
purgeperiod	0	0-180	Specifies the number of days after which the logs must get deleted. The database can contain up to 50,000 log entries. When the purgeperiod value is 0, no security logs will be deleted but alarms will be generated based on the values of upslg and upldalm parameters. upslg generates alarm when table logs go beyond the threshold. upldalm generates overflow alarm when table is full. The logs are periodically purged. Each stale entry is deleted within few minutes of exceeding the age (in days). Example: On 1st of January (considering there are no prior log entries), the purgeperiod value is 1. Then the log entries of 1st of January will start getting deleted from 3rd of January (If some entries are configured).

Parameter

Default Value at Installation

Range

Description

upldalm

yes

yes, no

Specifies whether the security log alarms are on (yes) or off (no). The security log alarms are:

upload required: Indicates that the log has reached the threshold (set by the upslg parameter), at which point the log entries should be copied to the FTA of the fixed disk.
log overflowed: Indicates that the log is 100% full and log entries are being lost. The security log entries must be copied to the FTA of the fixed disk.
standby log contains >0 un-uploaded entries: Indicates that the log on the standby fixed disk contains entries that have not been copied to the FTA of the fixed disk.

upslg

90

1-99

The percentage of the maximum security log capacity at which the EAGLE generates the upload required security log alarm, if the upldalm=yes parameter has been specified.

purgeperiod

0

0-180

Specifies the number of days after which the logs must get deleted.

The database can contain up to 50,000 log entries.

When the purgeperiod value is 0, no security logs will be deleted but alarms will be generated based on the values of upslg and upldalm parameters.

upslg generates alarm when table logs go beyond the threshold.
upldalm generates overflow alarm when table is full.

The logs are periodically purged.

Each stale entry is deleted within few minutes of exceeding the age (in days).

Example: On 1st of January (considering there are no prior log entries), the purgeperiod value is 1. Then the log entries of 1st of January will start getting deleted from 3rd of January (If some entries are configured).

rtrv-attr-seculog
The rtrv-attr-seculog command is used to display the security log attributes that were configured using the chg-attr-seculog command.
rept-stat-seculog
The rept-stat-seculog command displays security log statistics, such as the number of new (not uploaded) entries in the log and the percentage of space used by those new entries.

For additional information about Changing the Security Log Characteristics and Copying the Security Log to the File Transfer Area, refer to System Administration Procedures in Database Administration - System Management User's Guide.