This course is designed to help you implement a security policy in an AIX environment. AIX 6.1 features are covered.

• Describe security threats to a computer system
• List the AIX commands and components that can meet both the base system and network security threats, including how to configure IPSEC and LDAP
• Configure, distribute, and monitor a security policy and check sox-cobit compliance using AIX Security Expert and LDAP with Active Directory
• Configure the role-based access control (RBAC) feature (AIX 6.1)
• Implement encrypted file systems (AIX 6.1)
• Implement the Trusted Execution feature (AIX 6.1)
• Implement trusted services using the PowerSC IBM product (AIX 6.1 TL6)
• Implement the AIX install time options of Secure by Default and Trusted AIX (AIX 6.1)

This advanced course is intended for persons who:

• Want to learn what the security mechanisms are in an AIX system
• Will plan, implement, or distribute a security policy in AIX
• The audience for this training includes:
• AIX technical support individuals
• System administrators
• System architects

You should have basic AIX administration experience. The AIX prerequisite may be met by attending one of the two following classes or having equivalent AIX skills:

• AIX Basics (AN10G)
• Jumpstart for UNIX Professionals (AN14G)

To use PowerSC, a knowledge of VIO LPARs is required. This prerequisite could be met by attending the following class or having equivalent skills.

• Power Systems for AIX - Virtualization I: Implementing Virtualization (AN30G)

Day 1

• Welcome
• Unit 1 - Introduction to AIX security features Unit 2 - AIX base system security
• Unit 3 - AIX network security, Topic 1: Securing remote commands Exercise 1 - Security in an IT environment
• Exercise 2 - AIX base system security
• Exercise 3 - AIX network security, Part 1: TCP/IP security environment

Day 2

• Unit 3 - AIX network security, Topic 2: IP Security
• Unit 4 - Implementing and distributing a security policy with AIXPert Exercise 3 - AIX network security, Part 2: NFS
• Exercise 4 - Implementing and distributing a security policy with AIXPert

Day 3

• Unit 5 - Implementing role-based access control
• Unit 6 - Implementing encrypted file systems Unit 7 - Implementing Trusted Execution
• Exercise 5 - Implementing role-based access control Exercise 6 - Implementing encrypted file systems Exercise 7 - Implementing Trusted Execution

Day 4

• Unit 8 - Introduction to PowerSC
• Unit 9 - Centralizing security with LDAP and Kerberos, Topic 1: Implementing an AIX LDAP server
• Exercise 8 - Introducing PowerSC
• Exercise 9 - Centralizing security with LDAP and Kerberos, Part 1: LDAP on AIX

Day 5

• Unit 9 - Centralizing security with LDAP and Kerberos, Topic 2: Kerberos and
• Active Directory
• Unit 10 - AIX install time security options
• Exercise 9 - Centralizing security with LDAP and Kerberos, Part 2: LDAP with Active Directory
• Exercise 10 - AIX install time security options
• Lab time