New features include encryption and hardening capabilities that promise users with minimal security expertise to lock down their IT environments across various industries, including public utilities, banking and healthcare.
The free automated updates are part of HP’s Adaptive Infrastructure Portfolio and include in-use and at-rest data protection features such as its OS-based encrypted volume and file system, which automatically encrypts data on storage devices to prevent unauthorized use of data obtained through theft.
It also allows customers to retain existing storage devices with no additional storage upgrades or modifications.
Another new feature is an embedded security chip option for select HP Integrity servers that offers machine-bound protection for cryptographic keys, which virtually eliminates vulnerabilities in software-only solutions.
Also, HP-UX security containment isolates data in compartments and allow customers to automatically configure and deploy systems that are more secure. This so-called HP Protected Systems feature sets up fine-grained privileges and role-based access control, which promises to reduce configuration time and required user skill level.
Palo Alto, California-based HP also said it was addressing compliance issues with new OS offerings. The latest version of HP-UX Bastille, the open-source software tool for security hardening, now includes assessment and drift reporting features that check the consistency of a system’s hardening configuration with previously applied hardening policies.
Additionally, the enhanced HP-UX AAA server offers simplified auditing and compliance for flexible data base integration and easier user authentication, according to HP. The company said the server provides authentication, authorization and accounting services using RADIUS and EAP protocols to authenticate users and then account for time and billing use of network services.