Main › Enterprise Linux Network Services (H7092S)

Enterprise Linux Network Services (H7092S)

Enterprise Linux Network Services (H7092S)

COURSE OVERVIEW

This is an expansive course covering a wide range of network services. Attention is paid to the concepts needed to implement and troubleshoot the network services securely and to provide extensive hands-on experience. Topics include security with SELinux and Netfilter, DNS concepts and implementation with Bind, LDAP concepts and implementation using OpenLDAP, web services with Apache, FTP with vsftpd, caching, filtering proxies with Squid, SMB/CIFS (Windows networking) with Samba, and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.

PREREQUISITES
  • UNIX fundamentals (51434S) or
  • Linux fundamentals (U8583S) and
  • Enterprise Linux Network Administration (H7091S)
AUDIENCE
  • New Linux system administrators
SUPPORTED DISTRIBUTIONS
  • Red Hat Enterprise Linux 7, SUSE Linux Enterprise 12
COURSE OBJECTIVES

At the conclusion of this course you should be able to:

  • Gain the knowledge and skills required to setup, configure, and manage the most popular network services available for Red Hat and SUSE Linux systems
NEXT STEPS
  • Consider attending other advanced courses in the Linux curriculum
  • Consider Linux certification: Linux Professional Institute (LPI) Level 1, Red Hat (RHCE, RHCT) or SAIR
BENEFITS TO YOU
  • Effectively use networking services and security options
  • Understand and configure services to your specific needs
  • Avoid unwanted emails by configuring mail services with spam filtering
COURSE OUTLINE

Chapter 1 – Securing Services

  • Xinetd
  • Xinetd Connection Limiting and Access Control
  • Xinetd: Resource limits, redirection, logging
  • TCP Wrappers
  • The /etc/hosts.allow & /etc/hosts.deny Files
  • /etc/hosts.{allow,deny} Shortcuts
  • Advanced TCP Wrappers
  • SUSE Basic Firewall Configuration
  • FirewallD
  • Netfilter: Stateful Packet Filter Firewall
  • Netfilter Concepts
  • Using the iptables Command
  • Netfilter Rule Syntax
  • Targets
  • Common match_specs
  • Connection Tracking

Lab Tasks

  • Securing xinetd Services
  • Enforcing Security Policy with xinetd
  • Securing Services with TCP Wrappers
  • Securing Services with SuSEfirewall2
  • Securing Services with Netfilter
  • FirewallD
  • Troubleshooting Practice

Chapter 2 – SELinux and LSM

  • AppArmor
  • SELinux Security Framework
  • Choosing an SELinux Policy
  • SELinux Commands
  • SELinux Booleans
  • SELinux Policy Tools

Lab Tasks

  • Exploring AppArmor Modes
  • SELinux File Contexts

Chapter 3 – DNS Concepts

  • Naming Services
  • DNS – A Better Way
  • The Domain Name Space
  • Delegation and Zones
  • Server Roles
  • Resolving Names
  • Resolving IP Addresses
  • Basic BIND Administration
  • Configuring the Resolver
  • Testing Resolution

Lab Tasks

  • Configuring a Slave Name Server

Chapter 4 – Configuring BIND

  • BIND Configuration Files
  • named.conf Syntax
  • named.conf Options Block
  • Creating a Site-Wide Cache
  • rndc Key Configuration
  • Zones In named.conf
  • Zone Database File Syntax
  • SOA – Start of Authority
  • A, AAAA, & PTR – Address & Pointer Records
  • NS – Name Server
  • TXT, CNAME, & MX – Text, Alias, & Mail Host
  • SRV – SRV Service Records
  • Abbreviations and Gotchas
  • $GENERATE, $ORIGIN, and $INCLUDE

Lab Tasks

  • Use rndc to Control named
  • Configuring BIND Zone Files

Chapter 5 – Creating DNS Hierarchies

  • Subdomains and Delegation
  • Subdomains
  • Delegating Zones
  • in-addr.arpa. Delegation
  • Issues with in-addr.arpa.
  • RFC2317 & in-addr.arpa.

Lab Tasks

  • Create a Subdomain in an Existing Domain
  • Subdomain Delegation

Chapter 6 – Advanced BIND DNS Features

  • Address Match Lists & ACLs
  • Split Namespace with Views
  • Restricting Queries
  • Restricting Zone Transfers
  • Running BIND in a chroot
  • Dynamic DNS Concepts
  • Allowing Dynamic DNS Updates
  • DDNS Administration with nsupdate
  • Common Problems
  • Common Problems
  • Securing DNS With TSIG

Lab Tasks

  • Configuring Dynamic DNS
  • Securing BIND DNS

Chapter 7 – Using Apache

  • HTTP Operation
  • Apache Architecture
  • Dynamic Shared Objects
  • Adding Modules to Apache
  • Apache Configuration Files
  • httpd.conf – Server Settings
  • httpd.conf – Main Configuration
  • HTTP Virtual Servers
  • Virtual Hosting DNS Implications
  • httpd.conf – VirtualHost Configuration
  • Port and IP based Virtual Hosts
  • Name-based Virtual Host
  • Apache Logging
  • Log Analysis
  • The Webalizer

Lab Tasks

  • Apache Architecture
  • Apache Content
  • Configuring Virtual Hosts

Chapter 8 – Apache Security

  • Virtual Hosting Security Implications
  • Delegating Administration
  • Directory Protection
  • Directory Protection with AllowOverride
  • Common Uses for .htaccess
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption Algorithms
  • Digital Certificates
  • TLS Using mod_ssl.so

Lab Tasks

  • Using .htaccess Files
  • Using TLS Certificates with Apache
  • Use SNI and TLS with Virtual Hosts

Chapter 9 – Apache Server-Side Scripting Administration

  • Dynamic HTTP Content
  • PHP: Hypertext Preprocessor
  • Developer Tools for PHP
  • Installing PHP
  • Configuring PHP
  • Securing PHP
  • Security Related php.ini Configuration
  • Java Servlets and JSP
  • Apache’s Tomcat
  • Installing Java SDK
  • Installing Tomcat Manually
  • Using Tomcat with Apache

Lab Tasks

  • CGI Scripts in Apache
  • Apache’s Tomcat
  • Using Tomcat with Apache
  • Installing Applications with Apache and Tomcat

Chapter 10 – Implementing an FTP Server

  • The FTP Protocol
  • Active Mode FTP
  • Passive Mode FTP
  • ProFTPD
  • Pure-FTPd
  • vsftpd
  • Configuring vsftpd
  • Anonymous FTP with vsftpd

Lab Tasks

  • Configuring vsftpd

Chapter 11 – The Squid Proxy Server

  • Squid Overview
  • Squid File Layout
  • Squid Access Control Lists
  • Applying Squid ACLs
  • Tuning Squid & Configuring Cache Hierarchies
  • Bandwidth Metering
  • Monitoring Squid
  • Proxy Client Configuration

Lab Tasks

  • Installing and Configuring Squid
  • Squid Cache Manager CGI
  • Proxy Auto Configuration
  • Configure a Squid Proxy Cluster

Chapter 12 – SQL Fundamentals and MariaDB

  • Popular SQL Databases
  • SELECT Statements
  • INSERT Statements
  • UPDATE Statements
  • DELETE Statements
  • JOIN Clauses
  • MariaDB
  • MariaDB Installation and Security
  • MariaDB User Account Management
  • MariaDB Replication

Lab Tasks

  • SQL with Sqlite3
  • Installing and Securing MariaDB
  • Creating a database in MariaDB
  • Create a database backed application

Chapter 13 – LDAP Concepts and Clients

  • LDAP: History and Uses
  • LDAP: Data Model Basics
  • LDAP: Protocol Basics
  • LDAP: Applications
  • LDAP: Search Filters
  • LDIF: LDAP Data Interchange Format
  • OpenLDAP Client Tools
  • Alternative LDAP Tools

Lab Tasks

  • Querying LDAP

Chapter 14 – OpenLDAP Servers

  • Popular LDAP Server Implementations
  • OpenLDAP: Server Architecture
  • OpenLDAP: Backends
  • OpenLDAP: Replication
  • Managing slapd
  • OpenLDAP: Configuration Options
  • OpenLDAP: Configuration Sections
  • OpenLDAP: Global Parameters
  • OpenLDAP: Database Parameters
  • OpenLDAP Server Tools
  • Native LDAP Authentication and Migration
  • Enabling LDAP-based Login
  • System Security Services Daemon (SSSD)

Lab Tasks

  • Building An OpenLDAP Server
  • Enabling TLS For An OpenLDAP Server
  • Enabling LDAP-based Logins

Chapter 15 – Samba Concepts and Configuration

  • Introducing Samba
  • NetBIOS and NetBEUI
  • Samba Daemons
  • Accessing Windows/Samba Shares from Linux
  • Samba Utilities
  • Samba Configuration Files
  • The smb.conf File
  • Mapping Permissions and ACLs
  • Mapping Linux Concepts
  • Mapping Users
  • Sharing Home Directories
  • Sharing Printers
  • Share Authentication
  • Share-Level Access
  • User-Level Access
  • Samba Account Database
  • User Share Restrictions

Lab Tasks

  • Samba Share-Level Access
  • Samba User-Level Access
  • Samba Group Shares
  • andling Symbolic Links with Samba
  • Samba Home Directory Shares

Chapter 16 – SMTP Theory

  • SMTP
  • SMTP Terminology
  • SMTP Architecture
  • SMTP Commands
  • SMTP Extensions
  • SMTP AUTH
  • SMTP STARTTLS
  • SMTP Session

Chapter 17 – Postfix

  • Postfix Features
  • Postfix Architecture
  • Postfix Components
  • Postfix Configuration
  • master.cf
  • main.cf
  • Postfix Map Types
  • Postfix Pattern Matching
  • Advanced Postfix Options
  • Virtual Domains
  • Postfix Mail Filtering
  • Configuration Commands
  • Management Commands
  • Postfix Logging
  • Logfile Analysis
  • Postfix, Relaying and SMTP AUTH
  • SMTP AUTH Server and Relay Control
  • SMTP AUTH Clients
  • Postfix / TLS
  • TLS Server Configuration
  • Postfix Client Configuration for TLS
  • Other TLS Clients
  • Ensuring TLS Security

Lab Tasks

  • Configuring Postfix
  • Postfix Virtual Host Configuration
  • Postfix Network Configuration
  • Postfix SMTP AUTH Configuration
  • Postfix STARTTLS Configuration
  • SUSE Postfix Configuration Cleanup

Chapter 18 – Mail Services and Retrieval

  • Filtering Email
  • Procmail
  • SpamAssassin
  • Bogofilter
  • amavisd-new Mail Filtering
  • Accessing Email
  • The IMAP4 Protocol
  • Dovecot POP3/IMAP Server
  • Cyrus IMAP/POP3 Server
  • Cyrus IMAP MTA Integration
  • Cyrus Mailbox Administration
  • Fetchmail
  • Roundcube Webmail
  • Mailing Lists
  • GNU Mailman
  • Mailman Configuration

Lab Tasks

  • Configuring Procmail & SpamAssassin
  • Configuring Cyrus IMAP
  • Dovecot TLS Configuration
  • Configuring Roundcube
  • Base Mailman Configuration
  • Basic Mailing List
  • Private Mailing List

Appendix A – NIS

  • NIS Overview
  • NIS Limitations and Advantages
  • NIS Client Configuration
  • NIS Server Configuration
  • NIS Troubleshooting Aids

Lab Tasks

  • Using NIS for Centralized User Accounts
  • Configuring NIS
  • NIS Slave Server
  • NIS Failover
  • Troubleshooting Practice: NIS

For more information about HP training programs in Ukraine visit web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP ServiceGuard on Linux (H4C21S)

HP ServiceGuard on Linux (H4C21S)

HP ServiceGuard on Linux (H4C21S)

COURSE OVERVIEW

This course is designed for experienced Linux system and network administrators implementing HP Serviceguard A.12.00. Topics include the basic requirements of a highly available system and progress through to the configuration of a Serviceguard cluster/packages, culminating in using both NFS and Oracle 11gR2 toolkit packages along with using the cluster simulator and analytics utilities. The course is 50 percent lecture and 50 percent hands-on labs using RHEL 6.4.

PREREQUISITES
  • Background in Linux system and network administration including Logical Volume Manager (LVM) and/or Veritas Volume Manager (VxVM)
AUDIENCE
  • Linux system and network administrators who currently, or soon will, develop, design, implement, and monitor Serviceguard (SG) clusters on Linux
COURSE OBJECTIVES

At the conclusion of this course you should be able to:

  • Configure, implement, and manage an HP SG cluster and packages
  • Install HP Serviceguard A.12.00 and Serviceguard Manager
  • Using ‘cmeasyinstall’
  • Utilize basic troubleshooting techniques
  • Install and configure NFS and Oracle packages using the toolkits
  • Use Live Application Detach and ‘rolling upgrade’
  • Configure generic resources
  • Use the SG simulator and SG cluster analytics
BENEFITS TO YOU
  • Protect mission critical applications against a variety of hardware and software failures through effective use of Serviceguard on Linux
  • Reduce application downtime by learning how to configure Serviceguard cluster and using Serviceguard’s rolling upgrade facility
  • Minimize, and in some instances eliminate, your application downtime by learning how to automate the detection of failures and restoration of application service
COURSE OUTLINE

Introduction to High Availability

  • What is high availability and reducing the risk
  • Storage technologies and HA network design

High Availability with Serviceguard (SG)

  • SG features and benefits and SG packages
  • Minimizing planned downtime
  • Installing prerequisite software
  • Serviceguard Manager

Storage for Serviceguard

  • Volume management
  • Persistent reservation overview
  • Review of LVM and VxVM concepts
  • Configure a shared LVM volume and VxVM data group
  • Using hosttags

Cluster Concepts and Configuration

  • Describe the difference between heartbeat, stationary, and standby LAN interfaces
  • Configure active/standby LAN interfaces using channel bonding
  • Cluster arbitration using a LockLUN and Quorum server
  • Steps to configure a Serviceguard cluster
  • View the status of the cluster and log file

Additional Cluster Features

  • Test the local LAN failover
  • Node failures and cluster reformation
  • Node joining and leaving a cluster
  • Basic cluster management

Packages and Services

  • Configure a basic Serviceguard package
  • The package configuration file
  • Package and node switching management
  • Interpret package status from cmviewcl
  • Package log file

Package Policies

  • Package FAILOVER and FAILBACK policies
  • Package access control
  • Using package dependencies, priorities, and weights

Application Monitoring Scripts and Toolkits

  • Writing and using an application monitor
  • The package control script
  • Application integration toolkits

Cluster Troubleshooting

  • Test clusters and packages for problems
  • Using the log files
  • Using Serviceguard commands for troubleshooting
  • Approaches to troubleshooting

Cluster and Package Online Reconfiguration

  • Cluster modifications online and online package modifications
  • Storage reconfiguration
  • Add and remove a node or package while the cluster is running

Highly Available NFS

  • Install the NFS server toolkit
  • Configure an NFS server package using the NFS toolkit
  • Configure an NFS client package
  • Test the NFS server package for various failures

Highly Available Oracle Database

  • Install the Oracle database toolkit
  • Configure an Oracle 11gR2 database package using the Oracle toolkit
  • Check the operation of the Oracle database and failover

Cluster and Package Maintenance

  • Rolling upgrade of Serviceguard
  • Kernel parameter change using Live Application Detach
  • Package partial startup

Generic Resources

  • Configure and use generic resources in a package

Cluster Simulation

  • Investigate the simulator interface and actions

Cluster Analytics

  • Install the Analytics utility
  • Display data collected by Serviceguard Cluster Analytics

Serviceguard Manager

  • Discuss the components of Serviceguard Manager
  • Navigate the Serviceguard Manager interface

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › POSIX Shell Programming (H4322S)

POSIX Shell Programming (H4322S)

POSIX Shell Programming (H4322S)

COURSE OVERVIEW

This course provides UNIX® users and administrators hands-on skills development in POSIX shell programming. Syntax and constructs of the POSIX shell language are covered including use of variables, branches, loops, file I/O, functions, and traps. An introduction to regular expressions, awk, and sed are also discussed as each of these are commonly used in shell scripts. The 5-day course is 50 percent lecture and 50 percent hands-on labs using HP servers.

AUDIENCE
  • HP-UX and UNIX general users, system and network administrators, and software developers
PREREQUISITES
  • Fundamental knowledge of programming and
  • UNIX Fundamentals (51434S) or
  • Equivalent experience
COURSE OBJECTIVE

At the conclusion of this course you should be able to:

  • Read and maintain existing POSIX scripts
  • Create a POSIX program
  • Use looping and branching
  • Use arrays
  • Use regular expressions
  • Use subroutines
  • Use advanced data structures and functions
  • Understand and use traps and signals
  • Understand awk and sed
BENEFITS TO YOU
  • Understand and maintain POSIX scripts already in use in your environment
  • Learn how to create and run a POSIX shell program, saving time and increasing productivity with automated scripts
  • Write efficient programs by understanding how shell scripts are processed
  • Customize shell start-up files
  • Easily control your administration tasks
DETAILED COURSE OUTLINE

Introduction to POSIX Shell Scripts

  • What is a shell script?
  • Script execution
  • The subprocess environment
  • Shell features

Shell Scripting

  • Which shell?
  • Recommended script format
  • Planning to write a shell script
  • Portability issues

Variables

  • Variables
  • Displaying and using variables
  • Concatenation and substrings
  • Other sources of data for variables

User Input

  • Reading user input
  • Positional parameters
  • Creating positional parameters
  • Conditional substitution
  • External influences

Designing Program Output

  • Variable attributes
  • Formatted data
  • Cursor positioning and terminal echo

Shell Arithmetic

  • Creating integer-only variables
  • Base10 and others
  • Working with arithmetic operators and data

Branches and Logic Testing

  • Logic testing
  • Conditional operators
  • Multiway decision branching and the case statement

Shell Patterns

  • Basic expressions
  • More complex patterns
  • Pattern combinations

Program Loops

  • The while loop
  • The until loop
  • The for loop
  • Breaking out of a loop
  • Continue and exit commands
  • The select loop

The getopts Command

  • Processing arguments
  • The getopts and OPTARG variable
  • The OPTIND variable

Array Variables

  • Substituting and counting
  • Using integer variables as element numbers

Functions and Function Libraries

  • Displaying current shell functions
  • Declaring and using functions
  • Variable scope
  • Function libraries and recursion

Managing Input and Output

  • File descriptors
  • Reading and writing using file descriptors
  • Redirecting, parameter lists, and here documents
  • Creating parameter lists from input lines

For more information about HP training programs in Ukraine visit web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX System and Network Administration for Experienced UNIX® System Administrators (H5875S)

HP-UX System and Network Administration for Experienced UNIX® System Administrators (H5875S)

HP-UX System and Network Administration for Experienced UNIX® System Administrators (H5875S)

COURSE OVERVIEW

This fast-paced intensive course is designed for experienced Tru64, AIX, Solaris, Linux, or other UNIX® administrators who need to understand the differences between HP-UX and standard UNIX. It is essential that students have existing UNIX system administration experience. Successful completion of the course will help prepare students for the HP-UX Certified System Administrator (CSA) certification exam. The 5-day course is 50 percent lecture and 50 percent hands-on labs using HP servers.

PREREQUISITES
  • Existing knowledge and system administration experience of a version of UNIX
AUDIENCE
  • Experienced UNIX system administrators who are new to HP-UX
COURSE OBJECTIVES

At the conclusion of this course you should be able to:

  • Configure and manage HP-UX peripherals and device files
  • Configure and manage disk devices via LVM
  • Configure and manage JFS file systems
  • Configure HP-UX network connectivity and services
  • Configure HP-UX kernel drivers and tunable parameters
  • Shutdown, boot, and reboot HP-UX
  • Install HP-UX OS software, applications, and patches
NEXT STEPS
  • Become an HP-UX Certified System Administrator (CSA) by successfully completing the HP-UX CSA certification exam
  • Learn more about BladeSystem and partitioning technologies in our HP-UX hardware and partitioning curriculum
  • Learn more about HP-UX high availability, virtualization, security, and performance tools in our HP-UX advanced administration curriculum
BENEFITS TO YOU
  • Build on your existing UNIX system administration experience to quickly develop HP-UX administration skills
  • Become an HP-UX Certified System Administrator (CSA) by successfully completing the Certified System Administrator certification exam
COURSE OUTLINE

Navigating the System Management Homepage (SMH)

  • SAM and SMH overview
  • Launching the SMH GUI and TUI
  • Verifying SMH certificates
  • Logging into the SMH
  • Navigating the SMH interface
  • Launching SMH tools
  • Launching SMH tasks
  • Viewing SMH logs
  • Managing SMH access control
  • Managing SMH authentication
  • SMH and SIM integration concepts

Configuring Hardware

  • Hardware component overview
  • CPU, cell, crossbar, and Blade overview
  • SBA, LBA, and I/O overview
  • iLO/MP, core I/O, and interface adapter card overview
  • Internal disks, tapes, and DVD overview
  • Disk array, LUN, SAN, and multipathing overview
  • Partitioning overview
  • nPar, vPar, VM, and secure resource partition overview
  • HP Integrity entry-class rackmount servers
  • HP Integrity mid-range servers
  • HP Integrity high-end servers
  • HP BladeSystem
  • HP Integrity Superdome 2
  • Viewing the system hardware configuration
  • Viewing nPar, vPar, and VM hardware addresses
  • Hardware address concepts
  • Legacy HBA, SCSI, and FC hardware address concepts
  • Agile View HBA, SCSI, and FC hardware address concepts
  • Viewing legacy hardware addresses
  • Viewing LUNs via Agile View
  • Viewing a LUN’s lunpaths via Agile View
  • Viewing an HBA’s lunpaths via Agile View
  • Viewing LUN health via Agile View
  • Viewing LUN attributes via Agile View
  • Enabling and disabling lunpaths
  • Slot address concepts
  • Slot address components
  • Viewing slot addresses
  • Installing interface cards with and without OL*
  • Installing new devices

Configuring Device Special Files

  • DSF attribute concepts
  • DSF directories
  • Legacy DSF names
  • Persistent DSF names
  • LUN, disk, and DVD DSF names
  • Boot disk DSFs
  • Tape drive DSFs
  • Tape autochanger DSFs
  • Terminal, modem, and printer DSFs
  • Listing legacy DSFs
  • Listing persistent DSFs
  • Correlating persistent and legacy DSFs
  • Correlating persistent DSFs with lunpaths and WWIDs
  • Decoding legacy and persistent DSF attributes
  • Creating DSFs via insf, mksf, and mknod
  • Removing DSFs via rmsf
  • Disabling and enabling legacy mode DSFs

Managing Disk Devices

  • Disk partitioning concepts
  • Whole disk partitioning concepts
  • LVM disk partitioning concepts
  • LVM physical volume concepts
  • LVM volume group concepts
  • LVM logical volume concepts
  • LVM extent concepts
  • LVM extent size concepts
  • LVM versions and limits
  • LVM DSF directories
  • LVMv1 device files
  • LVMv2 device files
  • Creating physical volumes
  • Creating LVMv1 volume groups
  • Creating LVMv2 volume groups
  • Creating logical volumes
  • Verifying the LVM configuration
  • Comparing disk space management tools

Managing File Systems

  • File system types
  • HFS and VxFS comparison
  • Creating file systems
  • Mounting file systems
  • Automatically mounting file systems
  • Mounting CDFS file systems
  • Mounting LOFS file systems
  • Mounting ISO file systems
  • Mounting MemFS file systems

Managing Swap Space

  • HP-UX memory concepts
  • HP-UX swap concepts
  • HP-UX swap types
  • HP-UX pseudoswap
  • Enabling swap via the CLI
  • Enabling swap via /etc/fstab
  • Monitoring swap space
  • Disabling swap
  • Guidelines for configuring swap space

Maintaining Logical Volumes and File Systems

  • Defragmenting file systems
  • Repairing corrupted file systems
  • Monitoring free space
  • Reclaiming wasted file system space
  • Extending, reducing, and removing volume groups
  • Extending, reducing, and removing logical volumes
  • Extending and reducing file systems

Preparing for Disasters

  • Disaster recovery, mirroring, and DRD clone concepts
  • Using DRD to minimize planned downtime
  • Using DRD to minimize unplanned downtime
  • Installing DRD
  • Using the drd command
  • Creating a DRD clone
  • Synchronizing a DRD clone
  • Verifying a DRD clone’s status
  • Accessing inactive images via DRD-safe commands
  • Managing software via DRD-safe commands
  • Managing kernel tunables via DRD-safe commands
  • Accessing inactive images via other commands
  • Activating and deactivating an inactive image
  • Customizing the make_*_recovery archive contents
  • Backing up the boot disk via make_tape_recovery
  • Backing up the boot disk via make_net_recovery
  • Using a make_*_recovery archive
  • Interacting with the recovery process

Accessing the System Console and the iLO/MP

  • Management processor concepts
  • Viewing MP/console ports
  • Connecting MP serial and LAN ports
  • Accessing the MP
  • Navigating the MP menu and web interfaces
  • Accessing nPar, vPar, and VM consoles
  • Accessing the VFP, console log, and system event log
  • Accessing the MP help menus
  • Accessing the MP command menu
  • Configuring the MP LAN interface
  • Enabling MP remote access
  • Managing MP user accounts and access levels
  • Managing MP login sessions
  • Rebooting via the MP

Booting PA-RISC Systems

  • HP-UX shutdown and reboot concepts
  • PA-RISC boot process major players
  • PA-RISC boot disk structures
  • PA-RISC boot process overview
  • Autoboot and manual boot concepts
  • Interacting with the BCH and ISL/IPL

Booting Integrity Systems

  • HP-UX shutdown and reboot concepts
  • Integrity boot process major players
  • Integrity boot disk structures
  • Integrity boot disk system, OS, and HPSP structures
  • Integrity and PA-RISC boot process comparison
  • UEFI/EFI addressing concepts
  • Autoboot and manual boot concepts
  • Booting from primary, alternate, and arbitrary boot devices
  • Booting from Ignite-UX servers and recovery archives
  • Managing boot menu settings
  • Managing console settings
  • Interacting with the UEFI/EFI shell
  • Interacting with the hpux.efi OS loader

Managing System Startup

  • Configuring network services via /etc/rc.config.d/ files
  • Controlling network services via /sbin/rc*.d/ directories and scripts
  • Starting and stopping network services via /sbin/init.d/ scripts
  • Creating custom startup/shutdown scripts

Configuring IP Connectivity

  • Installing and verifying LAN software
  • Configuring link layer connectivity
  • Configuring IP connectivity
  • Configuring IP multiplexing
  • Configuring IP routing
  • Configuring the system hostname and /etc/hosts
  • Configuring network tunable parameters
  • Configuring static and default routes
  • Configuring the resolver
  • Configuring the name service switch
  • Troubleshooting network connectivity
  • Configuring network services

Configuring the HP-UX Kernel

  • Kernel configuration concepts
  • Special kernel configurations
  • Kernel configuration commands
  • Modifying the current kernel configuration
  • Creating a named configuration
  • Copying and loading a configuration
  • Kernel module concepts, states, and state changes
  • Viewing and managing module states
  • Kernel tunable concepts and types
  • Viewing, managing, and monitoring kernel tunables
  • Viewing, managing, and monitoring kernel resource alarms
  • Kernel troubleshooting
  • Viewing the kernel change log
  • Booting from an alternate kernel
  • Booting via override parameters
  • Booting to tunable maintenance mode

Managing Software with SD-UX

  • SD-UX software structure concepts
  • SD-UX software depot concepts
  • SD-UX IPD concepts
  • SD-UX daemon and agent concepts
  • Listing software
  • Installing and updating software
  • Removing software

Managing Patches with SD-UX

  • Patch concepts
  • Patch naming convention concepts
  • Patch supersession concepts
  • Patch rating concepts
  • Patch source concepts
  • Patch tool concepts
  • Downloading and installing HPSC patches
  • Installing patches from DVD, tape, and directory depots
  • Listing and removing patches

Managing Depots with SD-UX

  • SD-UX depot server concepts and advantages
  • Planning for depots
  • Adding software and patches to a depot
  • Removing software from a depot
  • Registering or unregistering a depot
  • Pulling and pushing software from a depot

Installing the OS with Ignite/UX

  • Install source concepts
  • Planning an install
  • Choosing an operating environment
  • Choosing an install-time security bundle
  • Locating the source media
  • Initiating a PA-RISC or an Integrity install
  • Navigating the Ignite-UX menus
  • Verifying an installation
  • Completing post-install configuration tasks

​For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX Performance and Tuning (H4262S)

HP-UX Performance and Tuning (H4262S)

COURSE OVERVIEW

This course shows you how to optimize the performance of your computing environment, including multiprocessor and cell-based systems. Extensive hands-on labs allow you to gain experience using standard UNIX and HP-specific tools to monitor, analyze, and tune the performance of HP-UX systems and common network services. The 5-day course is 50 percent lecture and 50 percent hands-on.

PREREQUISITES
  • HP-UX System and Network Administration I (H3064S) and HP-UX System and Network Administration II (H3065S) or for Experienced UNIX System Administrators(H5875S)
  • Inside the HP-UX Operating System (H5081S) is advantageous
AUDIENCE

Experienced HP-UX system and network administrators

COURSE OBJECTIVES
  • Explore a methodology for investigating performance issues
  • Identify tools used to monitor HP-UX performance
  • Identify bottlenecks and potential problems
  • Determine appropriate remedial actions to take
BENEFITS TO YOU
  • Effectively utilize the range of performance tools that are available to you
  • Learn how to regularly monitor your systems and quickly recognize problems
  • Optimize your systems by identifying and removing performance bottlenecks
  • Effectively allocate resources such as CPU, memory, disk I/O bandwidth among your critical and lower priority users and applications
  • Deliver a guaranteed level of application performance to your end users
DETAILED COURSE OUTLINE

Introduction to Performance

  • What is a performance problem
  • The “System centric” view of performance
  • Measuring performance
  • The first rule of interpreting metrics
  • Types of performance
  • Multiprocessor scaling
  • Bottlenecks
  • Baseline
  • Queuing and response times
  • Increasing CPU counts and utilization
  • Types of metrics

HP Performance Tools

  • HP Performance tools
  • Sources of data
  • Glance
  • GPM – Glance Plus Motif
  • Adviser and Alarms
  • HP Performance Agent and Manager
  • HP Performance Manager
  • PRM
  • WLM
  • gWLM
  • Unix Performance Tools
  • Caliper
  • Prospect
  • tusc
  • lsof
  • sar
  • top

CPUs and Performance

  • Types of CPU bottlenecks
  • CPUs and performance
  • Data access times
  • Tuning for data latency
  • Performance and system size
  • mpsched
  • Launch policies
  • Processor sets
  • Address translation delays
  • Variable page size kernel parameters
  • The change attributes command
  • Hyperthreading
  • Shared caches
  • Compiler optimizations

Processes and Performance

  • CPU performance problems
  • Understanding the “standard” scheduler
  • Load balancing
  • Managing priorities
  • psets
  • Priority Inversion
  • Interrupt processing
  • Looking at CPU Utilization

CPUs Adjusting Performance

  • Unix commands to adjust prioritie
  • HP Tools and CPU Management
  • Process Resource Manager

VxFS I/O Performance

  • Layers of I/O
  • I/O and performance
  • The filesystem layer
  • VxFS performance topics
  • VxFS inodes and extents
  • Defragmenting OnlineJFS filesystems
  • Understanding your I/O workload
  • Mount options
  • Caching controls
  • DSYNC
  • Concurrent I/O
  • vxtunefs
  • Performance implications of locks
  • Large directories
  • Buffered I/O, reading ahead
  • Writing behind
  • Direct I/O
  • Caching

Volume Manager I/O Performance

  • Volume managers, introduction
  • Mirroring and performance
  • Striping
  • Multipathing
  • Load balancing policies
  • Looking at I/O performance in glance
  • Examining VxVM performance with vxstat
  • How PRM Manages Disk Bandwidth

Disk I/O Performance

  • The SCSI layer
  • Optimizing I/Os in the SCSI Layer
  • Device caching
  • Setting low level SCSI parameters
  • Immediate reporting with simple disks
  • I/O related wait states
  • Process system calls

Cell Local Memory and Performance

  • LORA
  • Uniform Memory access patterns
  • Non-Uniform memory access platform
  • Locality domains to manage ccNUMA memory
  • Configuring CLM
  • Impact of I/O locality
  • Applications suited to LORA
  • LORA with nPars
  • LORA with vPars
  • LORA with VM
  • SAP on LORA
  • Java on LORA
  • Oracle on LORA
  • Strategies for HP NUMA platforms

Memory

  • System memory management
  • When does memory affect performance
  • Virtual memory
  • Memory allocation
  • vhand, the page daemon
  • Memory Resource Groups
  • File/Buffer cache paging differences
  • Diagnosing memory problems
  • Tuning the swap environment
  • How PRM manages memory
  • Memory File System

Virtual Machine Performance

  • Monitoring VMs
  • hpvmsar
  • HP Integrity VM Manager
  • Glance
  • Measureware

Java Performance

  • Measureware
  • Java out of the box
  • HPjmeter
  • Java Management console
  • Recipes for diagnosing problems

Network Performance

  • Types of performance
  • Latency and response time
  • Bandwidth
  • Layers within networking

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX System and Network Troubleshooting (H4264S)

HP-UX System and Network Troubleshooting (H4264S)

HP-UX System and Network Troubleshooting (H4264S)

COURSE OVERVIEW

This course provides troubleshooting tools and procedures to find and fix HP-UX system problems. Concepts are refreshed before tools and techniques are examined. Critical thinking labs are provided using case studies, demonstrations, and hands-on break/fix labs. The course is 55 percent lecture and 45 percent hands-on labs using HP Integrity servers.

AUDIENCE

Experienced HP-UX system administrators

PREREQUISITES
  • HP-UX System and Network Administration I (H3064S) and HP-UX System and Network Administration II (H3065S) or
  • HP-UX System and Network Administration for Experienced UNIX® System Administrators (H5875S) or
  • Equivalent experience
BENEFITS TO YOU
  • Learn the techniques needed to troubleshoot and recover your system components
  • Understand fsck and the recovery options to restore lost data
  • Anticipate problems and minimize network downtime by using basic diagnostics tools
  • Ensure your network is operating properly by checking NFS and DNS functionality
  • Keep your system current by managing software patches
COURSE OBJECTIVES

At the conclusion of this course you should be able to:

  • Use the Management Processor for troubleshooting
  • Troubleshoot EFI problems
  • Recover a non-bootable HP Integrity system or partition
  • Troubleshoot an 11i v3 kernel, system startup, and kernel crash dump
  • Troubleshoot process, login, patch, and storage problems
  • Troubleshoot LVM, VxVM, and VxFS problems
  • Troubleshoot network problems
NEXT STEPS
  • HP-UX Logical Volume Manager (H6285S)
  • Inside HP-UX (H5081S)
  • HP-UX Performance and Tuning (H4262S)
  • HP-UX Partition Management (HG770S)
COURSE OUTLINE

Troubleshooting Methodology and Resources

  • Troubleshooting methodology and techniques
  • Troubleshooting resources
  • Common troubleshooting and monitoring tools

HP-UX Concepts Review

  • HP-UX structural overview
  • System calls and processes

Troubleshooting HP-UX Startup Files

  • Concepts review: system startup
  • System configuration files
  • Interrupting the rc start scripts
  • System startup links and sequence
  • Booting to single-user mode

Troubleshooting Process Problems

  • Concept review: What is a process?
  • Troubleshooting processes and memory problems
  • Zombie processes
  • Identifying CPU-intensive processes
  • Advanced system features, hyper-threading, NUMA, and LORA
  • Managing workloads and enhanced user core naming

Troubleshooting Storage

  • Concepts review: how I/O requests are processed
  • HP-UX hardware addressing
  • Storage device special files and slot addresses
  • Storage-related commands

Troubleshooting Logical Volumes

  • Concepts review: LVMs
  • Recovering lost or damaged structures
  • Missing device files and failed disks
  • VxVM structures
  • Restoring group configuration and recovering volumes

Troubleshooting File Systems

  • Concepts review: file system overview
  • File system corruption examples
  • Troubleshooting techniques
  • fsck, fsadm, and fsdb

Troubleshooting Login Problems

  • Concept review: login methods
  • Troubleshooting GUI login
  • Protecting the system with /etc/shadow
  • Pluggable authentication modules

Troubleshooting Software and Patch Installation

  • Concept review: installing software
  • Patch management process and HP-UX patch management
  • Using DRD to install software and patches
  • Troubleshooting patches
  • Working with SD-UX logfiles and common SD-UX problems

Troubleshooting Network Problems

  • Networking subsystem layers
  • Troubleshooting configuration problems and the nwmgr command
  • Subnetting, routing, and DNS concepts and troubleshooting
  • Network tracing and performance
  • NFS review and common problems

Troubleshooting the Kernel

  • Concepts review: kernel configuration
  • Kernel troubleshooting and recovery options
  • Booting from an alternate kernel
  • Kernel crashes and analysis
  • Dump units and post-reboot configuration

Troubleshooting Hardware and Firmware

  • Concepts review: kernel provides hardware services to applications
  • Troubleshooting hardware and firmware
  • Management Processor overview and commands

Troubleshooting HP Integrity System Boot

  • Concepts review: HP Integrity boot disk structure
  • Booting from an alternate disk from EFI
  • Booting a DRD clone and booting alternatives
  • Recovery shell, system startup, and EFI recovery options
  • Partitions and booting: HP Integrity nPar and vPar boot sequence

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX Security (H3541S)

HP-UX Security (H3541S)

HP-UX Security (H3541S)

SPECIAL NOTES

This fast-paced hands-on course examines a variety of popular tools and techniques for hardening and securing HP-UX systems. The course is 50% lecture / 50% lab.

COURSE OVERVIEW

This course examines the most common HP-UX system security vulnerabilities, and introduces a variety of tools and techniques that can be used to prevent hackers from exploiting these vulnerabilities.

PREREQUISITES
  • HP-UX System and network administration I (H3064S) and HP-UX System and Network Administration II (H3065S) or
  • HP-UX for experienced UNIX system administrators (H5875S) or equivalent experience
  • Equivalent experience
AUDIENCE
  • Experienced system and network administrators responsible for securing and monitoring HP-UX systems
BENEFITS TO YOU
  • Learn how to use Role Based Access Control (RBAC), Secure Shell (SSH), Host Intrusion Detection System (HIDS), Software Assistant (SWA), IPFilter, Bastille, and other HP supported tools to harden and secure HP-UX systems
  • Create secure, isolated execution environments for applications with HP-UX security compartments and Secure Resource Partitions
  • Learn how to use Tripwire, John the Ripper, nmap, lsof, and other open source tools to further improve HP-UX system security
COURSE OUTLINE

Introduction

  • Why security?
  • HP-UX security tools
  • HP-UX security certifications
  • Course agenda

Securing user accounts: user passwords

  • Understanding the /etc/passwd file
  • Understanding the /etc/shadow file
  • DES-based password encryption
  • SHA512 password encryption
  • Enabling shadow passwords
  • Enabling SHA512 passwords
  • Enabling long passwords
  • Managing passwords
  • Configuring password aging
  • Cracking passwords with John the Ripper
  • Authenticating users via PAM
  • Configuring /etc/pam.conf

Securing user accounts: special cases

  • Protecting user accounts: guidelines
  • Protecting the root account: guidelines
  • Limiting root and operator access via /etc/security
  • Limiting root and operator access via sudo
  • Limiting root and operator access via the restricted SAM builder
  • Limiting root and operator access via the SMH
  • Configuring accounts for guest users
  • Configuring accounts for single application users
  • Configuring accounts for teams and groups
  • Preventing dormant accounts

Securing user accounts: Standard Mode Security Extensions (SMSE)

  • Configuring SMSE user security
  • Understanding Standard Mode Security Enhancements Benefits
  • Understanding SMSE attributes and repositories
  • Configuring /etc/security.dsc
  • Configuring /etc/default/security
  • Configuring /etc/passwd and /etc/shadow
  • Configuring /var/adm/userdb/ via userdbset, userdbget, and userdbck
  • Enforcing SMSE security policies

Securing user accounts: Role Based Access Control (RBAC)

  • RBAC features and benefits
  • Installing RBAC
  • Configuring & assigning RBAC roles
  • Configuring & assigning RBAC authorizations
  • Configuring RBAC commands & privileges
  • Verifying the RBAC database
  • Configuring RBAC logging & auditing
  • Running commands with privrun
  • Editing files with privedit
  • Enabling RBAC keystroke logging

Protecting data via file permissions and JFS Access Control Lists (ACLs)

  • Understanding how hackers exploit improper file and directory permissions
  • Viewing and changing file permissions
  • Searching for files with improper permissions
  • Configuring and using the SUID bit
  • Configuring and using the SGID bit
  • Configuring and using the sticky bit
  • Configuring and using JFS ACLs

Protecting data via swverify, md5sum, and Tripwire

  • File integrity checking overview
  • Verifying executable integrity with swverify
  • Verifying file integrity with md5sum
  • Verifying file integrity with Tripwire
  • Installing Tripwire
  • Creating Tripwire keys
  • Creating the Tripwire configuration file
  • Creating the Tripwire policy file
  • Creating the Tripwire database
  • Performing a Tripwire integrity check
  • Updating the Tripwire database
  • Updating the Tripwire policy file

Protecting data via Encrypted Volumes and File Systems (EVFS)

  • EVFS, EVS, and EFS features and benefits
  • EVFS architecture
  • EVFS volumes
  • EVFS volume encryption keys, user keys, and recovery keys
    • Step 1: Installing and configuring EVS software
    • Step 2: Creating user keys
    • Step 3: Creating recovery keys
    • Step 4: Creating an LVM or VxVM volume
    • Step 5: Creating EVS device files
    • Step 6: Creating and populating the volume’s EMD
    • Step 7: Enabling the EVS volume
    • Step 8: Creating and mounting a file system
    • Step 9: Enabling autostart
    • Step 10: Migrating data to the EVS volume
    • Step 11: Backing up the EVS configuration
  • Managing EVS volume users
  • Managing the EVS key database
  • Extending an EVS volume
  • Reducing an EVS volume
  • Removing EVS volumes
  • Backing up EVS volumes
  • EVS limitations
  • EVS and TPM/TCS integration overview

Securing network services: inetd & tcpwrapper

  • inetd service overview
  • inetd configuration file overview
  • Securing inetd
  • Securing the inetd internal services
  • Securing the RPC services
  • Securing the Berkeley services
  • Securing FTP
  • Securing FTP service classes
  • Securing anonymous FTP
  • Securing guest FTP
  • Securing other ftpaccess security features
  • Securing other inetd services
  • Securing other non-inetd services
  • Securing inetd via TCPwrapper

Securing network services: SSH

  • Legacy Network Service Vulnerabilities: DNS
  • Legacy Network Service Vulnerabilities: Sniffers
  • Legacy Network Service Vulnerabilities: IP spoofing
  • Solution: Securing the Network Infrastructure
  • Solution: Using Symmetric Key Encryption
  • Solution: Using Public Key Encryption
  • Solution: Using Public Key Authentication
  • HP-UX Encryption & Authentication Product overview
  • Configuring SSH encryption & server authentication
  • Configuring SSH client/user authentication
  • Configuring SSH single sign-on
  • Managing SSH keys
  • Using the UNIX SSH Clients
  • Using PuTTY SSH Clients

Securing network services: IPFilter & nmap

  • Firewall overview
  • Packet filtering firewalls
  • Network Address Translation firewalls
  • Host versus perimeter firewalls
  • Installing IPFilter
  • Managing IPFilter rulesets
  • Configuring a default deny policy
  • Preventing IP and loopback spoofing
  • Controlling ICMP service access
  • Controlling access to UDP services
  • Controlling access to TCP services
  • Controlling access via active and passive FTP
  • Testing IPFilter rulesets with ipftest
  • Testing IPFilter rulesets with nmap
  • Monitoring IPFilter & Nessus

Hardening HP-UX with Bastille

  • Bastille overview
  • Installing Bastille
  • Generating a Bastille assessment
  • Creating a Bastille configuration file
  • Applying a Bastille configuration file
  • Applying a pre-configured Bastille configuration file
  • Applying a pre-configured Bastille configuration via Ignite-UX
  • Reviewing the Bastille logs
  • Monitoring changes with bastille_drift
  • Reverting to the pre-Bastille configuration
  • Integrating Bastille and HP SIM

Monitoring activity via system log files

  • Monitoring log files
  • Monitoring logins via last, lastb, and who
  • Monitoring processes via ps, top, and whodo
  • Monitoring file access via ll, fuser, and lsof
  • Monitoring network connections via netstat, idlookup, and lsof
  • Monitoring inetd connections
  • Monitoring system activity via syslogd
  • Configuring /etc/syslog.conf
  • Hiding connections, processes, and arguments
  • Doctoring log files and time stamps

Monitoring activity via SMSE auditing

  • Auditing overview
  • Trusted system versus SMSE auditing
  • Enabling and disabling auditing
  • Verifying auditing
  • & system calls to audit
  • Selecting users to audit
  • Selecting system calls, aliases, and events to audit
  • Creating and applying an audit profile
  • Viewing and filtering audit trails via auditdp
  • Switching audit trails
  • Understanding audomon AFS & FSS switches
  • Understanding audomon audit trail names
  • Configuring audomon parameters
  • Configuring audomon custom scripts

Monitoring suspicious activity via HP’s Host Intrusion Detection System (HIDS)

  • HIDS overview
  • HIDS architecture
  • Installing HP’s HIDS product
  • Configuring HIDS detection templates and properties
  • Configuring HIDS surveillance groups
  • Configuring HIDS surveillance schedules
  • Configuring HIDS response scripts
  • Assigning surveillance schedules to clients
  • Monitoring HIDS alerts and errors

Managing security patches with Software Assistant (SWA)

  • Security patch overview
  • SWA overview
  • Reading US-CERT advisory bulletins
  • Reading HP-UX security bulletins
  • Installing swa
  • Generating swa reports
  • Viewing swa reports
  • Retrieving swa recommended patches
  • Installing swa patches
  • Installing other products recommended by swa
  • Applying other manual changes
  • Regenerating swa reports
  • Purging swa caches
  • Viewing swa logs
  • Customizing swa defaults
  • Integrating SWA and HP SIM
  • Preventing unauthorized swa and swlist access
  • Preventing buffer overflow attacks
  • Setting the executable_stack kernel parameter
  • Setting the chatr +es executable stack option

Hardening HP-UX with Bastille

  • Bastille overview
  • Installing Bastille
  • Generating a Bastille assessment
  • Creating a Bastille configuration file
  • Applying a Bastille configuration file
  • Applying a pre-configured Bastille configuration file
  • Applying a pre-configured Bastille configuration via Ignite-UX
  • Reviewing the Bastille logs
  • Monitoring changes with bastille_drift
  • Reverting to the pre-Bastille configuration

Isolating applications via security compartments

  • Security compartment concepts
  • & Using FGP TRIALMODE
  • Compartment rule concepts
  • INIT compartment concepts
  • Installing compartment software
  • Enabling compartment functionality
  • Creating and modifying compartments
  • Viewing compartments
  • Adding network interface rules
  • Adding file permission rules
  • Adding a compartment-specific directory
  • Viewing compartments
  • Configuring compartment administrators
  • Configuring compartment users
  • Executing commands in compartments
  • Removing compartments
  • Disabling compartment functionality

Isolating Applications via Secure Resource Partitions

  • SRP concepts
  • SRP example
  • SRP subsystems
  • SRP templates
  • SRP services
  • Installing SRP
  • Enabling and configuring SRP
  • Verifying the SRP configuration
  • Creating an SRP interactively
  • Creating an SRP non-interactively
  • Adding the init, prm, network, ipfilter, login, and ipsec services to an SRP
  • Adding the ssh, apache, tomcat, and oracle templates to an SRP
  • Adding the custom template to an SRP
  • Deploying an application in an SRP
  • Updating an SRP
  • Viewing the SRP configuration & status
  • Starting & stopping an SRP
  • Accessing an SRP
  • Removing an SRP

Appendix: Improving user and password security with trusted systems

  • Trusted system overview
  • Configuring password format policies
  • Configuring password aging policies
  • Configuring user account policies
  • Configuring terminal security policies
  • Configuring access control policies
  • Configuring password aging policies
  • Understanding the /tcb directory structure

Appendix: Implementing chroot()

  • Limiting file access via chroot()
  • Configuring chroot()ed applications

Appendix: Implementing Fine Grained Privileges (FGP)

  • Limiting privileges via FGP
  • Installing FGP Software
  • Installing FGP Software
  • Recognized Privileges
  • Permitted, Effective, and Retained Privilege Sets
  • Configuring FGP Privileges via setfilexsec
  • Configuring FGP Privileges via RBAC
  • Configuring & Using FGP TRIALMODE

Appendix: Configuring Process Resource Manager (PRM)

  • Allocating resources without PRM
  • Allocating resources with PRM
  • PRM advantages
  • PRM managers
  • PRM groups
  • PRM Fair Share Scheduler concepts & configuration
  • PRM PSET concepts & configuration
  • PRM memory manager concepts & configuration
  • Reviewing available resources
  • Analyzing application requirements
  • Enabling PRM
  • Creating and updating the PRM configuration file
  • Monitoring resource usage

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX 11i v3 for Experienced HP-UX System Administrators (HK711S)

HP-UX 11i v3 for Experienced HP-UX System Administrators (HK711S)

HP-UX 11i v3 for Experienced HP-UX System Administrators (HK711S)

SPECIAL NOTES

This course replaces HE776S, which HP no longer schedules.

COURSE OVERVIEW

This course provides experienced HP-UX 11i System Administrators the opportunity to learn about and develop hands-on experience with many of the new, updated, and enhanced features of HP-UX 11i v3. Course topics of discussion include security, networking, and administration features, with hands-on lab exercises focusing on HP-UX 11i v3 administration features. The 3-day course is 50% lecture and 50% hands-on labs using HP servers.

PREREQUISITES
  • HP-UX System and Network Administration I (H3064S) and HP-UX System and Network Administration II (H3065S) or
  • HP-UX System and Network Administration for Experienced UNIX System Administrators (H5875S) or
  • Experience administering HP-UX 11i servers

NOTE: If you have attended HE775 – HP-UX 11i v3 Features and Functions, please be aware that HE775 is a subset of HK711.

AUDIENCE
  • System administrators familiar with HP-UX 11i v2
COURSE OBJECTIVES

At the conclusion of this course you should be able to:

  • Manage mass storage using HP-UX 11i v3 agile addressing
  • Implement new LVM features, including volume group quiescence, volume group attribute modification, striped logical volume mirrors, creation of LVM version 2.0 volume groups, and upgrades of LVM v1.0 volume groups
  • Use Dynamic Root Disk to protect the root volume group
  • Configure new crash dump features
  • Perform a cold installation of HP-UX 11i v3
  • Upgrade HP-UX 11i v2 to 11iv3
  • Upgrade an earlier HP-UX 11iv3 version to a later 11iv3 media kit using Dynamic Root Disk
  • Configure and monitor standard mode security extensions for user login and password control without converting to trusted mode
  • Use new network configuration and monitoring tools
  • Manage HP-UX 11i systems with System Management Homepage and new command line interfaces
NEXT STEPS
  • HP Integrity Server Blades Administration (HC590S)
BENEFITS TO YOU
  • Identify HP-UX 11i v3 features desired to enhance your HP-UX IT environment with the latest security, networking, and administration features
  • Develop the knowledge and skills to implement the new HP-UX 11i v3 features you select for your data center to enhance server management, software security, and networking capabilities
COURSE OUTLINE

Introduction to HP-UX 11i v3

  • Identify PA-RISC and Integrity server platforms that support HP-UX 11i v3
  • Locate online documentation for HP-UX 11i v3, including release notes, administration guides, and white papers

HP-UX 11i v3 Hardware Addressing

  • List the advantages of agile addressing
  • Display storage devices using legacy addressing
  • Display storage devices using agile addressing
  • Toggle storage device addresses between agile and legacy addressing
  • Use available CLUI, TUI, and GUI administration tools to manage addressable devices

HP-UX 11i v3 Dynamic Root Disk

  • Minimize downtime with Dynamic Root Disk
  • Creating and updating a clone
  • Mange inactive images

HP-UX 11i v3 Installation and Update

  • Perform a cold install of HP-UX 11i v3
  • Update an existing HP-UX 11i v2 system to HP-UX 11i v3
  • Update an earlier version of 11iv3 to a later version of 11iv3 via DRD

HP-UX 11i v3 Mass Storage

  • Identify LVM enhancements
  • Identify VxVM enhancements
  • Use SMH tools to manage disks

HP-UX 11i v3 File Systems

  • Identify file system enhancements (UFC, CacheFS, VxFS, NFS, CIFS, MemFS, ISO Image Files)

HP-UX 11i v3 User and Group Enhancements

  • Configure and manage users and groups using new configuration and login security features
  • Use available CLUI, TUI, and GUI administration tools to manage users and groups

HP-UX 11i v3 Kernel Tuning

  • Define types, display and modify types of dynamically tunable kernel parameters
  • Define and modify states of dynamically loadable kernel modules
  • Create, display, export, import, load, and boot named kernel configurations
  • Use available CLUI, TUI, and GUI administration tools to manage HP-UX 11i v3 kernel tuning

HP-UX 11i v3 Networking and Security Features

  • Identify major new, updated, or enhanced security features
  • Identify major new, updated, or enhanced networking features
  • Use available CLUI, TUI, and GUI administration tools for managing security and network features

HP-UX 11i v3 Fault Management

  • Use fault management features to display and analyze system health
  • Enable/disable PCI error handling
  • Perform PCI/PCI-X online addition, replacement, and deletion
  • Use Dynamic nPartitions to online migrate a cell
  • Configure selective, compressed and concurrent (parallel) dumps
  • Configure core dump parameters for applications
  • Create a live kernel dump

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX System and Network Administration II (H3065S)

HP-UX System and Network Administration II (H3065S)

HP-UX System and Network Administration II (H3065S)

COURSE OVERVIEW

This course is the second of two courses that prepare system administrators to successfully administer HP-UX servers in a networked environment. The 5-day course is 50 percent lecture and 50 percent hands-on labs using HP servers.

PREREQUISITES
  • HP-UX System and network administration I (H3064S) or equivalent experience
AUDIENCE
  • System and network administrators who maintain and configure system resources, control access to resources, and establish procedures
COURSE OBJECTIVES

At the conclusion of this course you should be able to:

  • Configure HP-UX TCP/IP connectivity
  • Configure HP-UX static and default routes
  • Configure custom HP-UX startup and shutdown scripts
  • Configure NFS and AutoFS servers and clients
  • Configure DNS servers and resolver clients
  • Configure telnet, ftp, remsh, rlogin, bootp, tftp, and other inetd services
  • Configure NTP, SSH, and LDAP servers and clients
  • Configure an SD-UX depot server
NEXT STEPS
  • HP-UX Logical Volume Manager (H6285S)
BENEFITS TO YOU
  • Learn how to optimize your system and network so users experience smooth functioning IT operations
  • Prepare to take the HP-UX Certified System Administrator exam
COURSE OUTLINE

LAN Concepts

  • Media Access Control (MAC) addresses
  • IP addresses and network classes
  • Host names
  • Converting IP addresses to MAC addresses
  • Populating the Address Resolution Protocol (ARP) cache
  • Managing packet flow with Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
  • Sending data to applications via ports
  • Managing ports with sockets

LAN Hardware Concepts

  • LAN hardware components, topologies, and access methods
  • Single- and multi-port network interface cards
  • Repeaters and hubs
  • Bridges and switches
  • Routers, gateways, and firewalls

Configuring LAN Connectivity

  • Installing and verifying LAN software
  • Installing and verifying LAN interface cards
  • Configuring link layer and IP connectivity
  • Configuring IP multiplexing
  • Configuring the system hostname and /etc/hosts
  • Configuring network tunable parameters

Configuring IP Routing

  • Routing concepts and tables
  • Viewing routing tables
  • Configuring static and default routes
  • Configuring the /etc/rc.config.d/netconf file

Configuring Subnetting

  • IP addresses and netmasks in a subnetted network
  • Host IP addresses on a subnet
  • Routers in a subnetted network

Troubleshooting Network Connectivity

  • Network troubleshooting tools overview
  • Troubleshooting network connectivity via nwmgr, lanscan, linkloop, and lanadmin
  • Troubleshooting network connectivity via arp, ping, netstat, and nsquery

Starting Network Services

  • Configuring network services via /etc/rc.config.d/ files
  • Controlling network services via /sbin/rc*.d/ directories and scripts
  • Starting and stopping network services via /sbin/init.d/ scripts
  • Creating custom startup/shutdown scripts

Configuring Network File Systems (NFS)

  • NFS concepts and versions
  • NFS servers and clients
  • NFS RPCs, program numbers, and rpcbind
  • NFS stateless operation and security concepts
  • NFS authentication and encryption concepts
  • Planning an NFS configuration
  • Selecting an NFS protocol
  • Maintaining UID, GID, and time consistency
  • Configuring and starting NFS server daemons
  • Temporarily and permanently sharing file systems
  • Verifying NFS server configuration
  • Configuring and starting NFS client daemons
  • Temporarily and permanently mounting NFS file systems
  • Verifying NFS client configuration
  • Troubleshooting NFS
  • NFS vs CIFS features and benefits

Configuring AutoFS

  • AutoFS concepts and maps
  • AutoFS commands and daemons
  • Configuring the AutoFS master and hosts maps
  • Configuring the AutoFS direct and indirect maps
  • Mounting home directories with AutoFS
  • Configuring AutoFS to access replicated servers
  • Troubleshooting AutoFS

Configuring Domain Name Service (DNS)

  • DNS concepts and hierarchical name space
  • DNS name servers and name server zones
  • Configuring DNS master, slave, and cache-only servers
  • Testing name servers with dig
  • Configuring DNS clients and the /etc/nsswitch.conf file
  • Testing resolver clients with nsquery
  • /etc/named.data and /etc/named.conf
  • Updating DNS master and slave servers

Configuring inetd Services

  • inetd service overview
  • Configuring /etc/rc.config.d/netdaemons
  • Configuring /etc/inetd.conf and /etc/services
  • Configuring /var/adm/inetd.sec
  • Configuring /etc/hosts.equiv and ~/.rhosts
  • FTP configuration issues

Configuring Secure Shell (SSH)

  • Network service vulnerabilities
  • SSH encryption, server, and client/user authentication and configuration
  • SSH single sign-on
  • Configuring SSH single sign-on
  • Using UNIX and PuTTY SSH clients

Configuring Network Time Protocol (NTP)

  • Introduction to NTP
  • NTP time sources, stratum levels, and roles
  • How NTP adjusts the system clock
  • Configuring NTP servers and clients and verifying NTP functionality

Managing Depots with SD-UX

  • SD-UX depot server concepts and advantages
  • Planning for depots
  • Adding software and patches to a depot
  • Removing software from a depot
  • Registering or unregistering a depot
  • Pulling and pushing software from a depot

Configuring LDAP-UX

  • LDAP concepts
  • Schema, object classes, attributes, and directory entries
  • Directory Information Trees (DITs), DNs, RDNs, and LDIF files
  • Servers, replicas, and LDAP clients
  • Referrals and security
  • LDAP software solutions for HP-UX
  • Installing and verifying an HP directory server
  • Installing and using a basic LDAP-UX client
  • Configuring /etc/nsswitch.conf and /etc/pam.conf
  • Managing passwords and directory entries

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html

Main › HP-UX System and Network Administration I (H3064S)

HP-UX System and Network Administration I (H3064S)

HP-UX System and Network Administration I (H3064S)

COURSE OVERVIEW

This hands-on course is the first of two courses that prepare system administrators to successfully configure, manage, maintain, and administer HP-UX servers in a networked environment. This course focuses on configuring disks, file systems, peripherals, and user accounts, as well as managing and configuring core OS, patches, and application software. Successful completion of HP-UX System and Network Administration I and II will help prepare students for the HP-UX CSA technical certification exam. The 5-day course is 50 percent lecture and 50 percent hands-on labs using HP servers.

PREREQUISITES
  • UNIX Fundamentals (51434S) or equivalent experience
AUDIENCE
  • HP-UX 11i system administrators and others who install, configure, and maintain HP-UX servers
COURSE OBJECTIVES

At the conclusion of this course you will be able to:

  • Install and manage HP-UX software and patches
  • Configure and manage peripheral devices and device files
  • Configure and manage disks using HP Logical Volume Manager (LVM)
  • Configure and manage file systems using HP Journal File System (JFS)
  • Configure HP-UX kernel drivers, subsystems, and tunable parameters
  • Minimize planned and unplanned downtime with DRD
  • Shutdown, boot, reboot Integrity HP-UX servers
NEXT STEPS
  • HP-UX System and Network Administration II (H3065S)
BENEFITS TO YOU
  • Gain the skills required to effectively install, configure, and manage HP-UX systems so users experience smooth running IT operations
COURSE OUTLINE

Navigating the System Management Homepage (SMH)

  • SAM and SMH overview
  • Launching the SMH GUI and TUI
  • Verifying SMH certificates
  • Logging into the SMH
  • Navigating the SMH interface
  • Launching SMH tools
  • Launching SMH tasks
  • Viewing SMH logs
  • Managing SMH access control
  • Managing SMH authentication
  • SMH and SIM integration concepts

Managing Users and Groups

  • User and group concepts
  • /etc/passwd, /etc/shadow, and /etc/group concepts
  • Creating, modifying, deactivating, and removing user accounts
  • Configuring password aging and password security policies
  • Managing groups
  • Managing /etc/skel

Navigating the HP-UX File System

  • Static and dynamic files and directory concepts
  • OS and application directory concepts
  • Top level directory concepts and contents
  • Searching for files and executables using the find, whereis, which, and file commands

Configuring Hardware

  • Hardware component overview
  • CPU, cell, crossbar, and Blade overview
  • SBA, LBA, and I/O overview
  • iLO/MP, core I/O, and interface adapter card overview
  • Internal disks, tapes, and DVD overview
  • Disk array, LUN, SAN, and multipathing overview
  • Partitioning overview
  • nPar, vPar, VM, and secure resource partition overview
  • System type overview
  • Entry-class rackmount server overview
  • Mid-range rackmount server overview
  • High-end server overview
  • HP BladeSystem overview
  • HP BladeSystem c-class enclosure overview
  • HP Integrity blade server overview
  • HP Integrity Superdome 2 overview
  • Viewing system hardware configuration
  • Viewing nPar, vPar, and VM hardware
  • Hardware address concepts
  • Legacy HBA, SCSI, and FC hardware address concepts
  • Agile View HBA, SCSI, and FC hardware address concepts
  • Viewing legacy hardware addresses
  • Viewing LUNs via Agile View
  • Viewing a LUN’s lunpaths via Agile View
  • Viewing an HBA’s lunpaths via Agile View
  • Viewing LUN health via Agile View
  • Viewing LUN attributes via Agile View
  • Enabling and disabling lunpaths
  • Slot address concepts
  • Slot address components
  • Viewing slot addresses
  • Installing interface cards with and without OL*
  • Installing new devices

Configuring Device Special Files

  • DSF attribute concepts
  • DSF directories
  • Legacy DSF names
  • Persistent DSF names
  • LUN, disk, and DVD DSF names
  • Boot disk DSFs
  • Tape drive DSFs
  • Tape autochanger DSFs
  • Terminal, modem, and printer DSFs
  • Listing legacy DSFs
  • Listing persistent DSFs
  • Correlating persistent and legacy DSFs
  • Correlating persistent DSFs with lunpaths and WWIDs
  • Decoding legacy and persistent DSF attributes
  • Creating DSFs via insf, mksf, and mknod
  • Removing DSFs via rmsf
  • Disabling and enabling legacy mode DSFs

Managing Disk Devices

  • Disk partitioning concepts
  • Whole disk partitioning concepts
  • LVM disk partitioning concepts
  • LVM physical volume concepts
  • LVM volume group concepts
  • LVM logical volume concepts
  • LVM extent concepts
  • LVM extent size concepts
  • LVM versions and limits
  • LVM DSF directories
  • LVMv1 device files
  • LVMv2 device files
  • Creating physical volumes
  • Creating LVMv1 volume groups
  • Creating LVMv2 volume groups
  • Creating logical volumes
  • Verifying the LVM configuration
  • Comparing disk space management tools

Managing File Systems

  • File system concepts
  • File system types
  • Superblock, inode, directory, block, extent, and intent log concepts
  • Hard and symbolic link concepts
  • HFS and VxFS comparison
  • Creating file systems
  • Mounting file systems
  • Unmounting file systems
  • Automatically mounting file systems
  • Mounting CDFS file systems
  • Mounting LOFS file systems
  • Mounting ISO file systems
  • Mounting MemFS file systems

Managing Swap Space

  • HP-UX memory concepts
  • HP-UX swap concepts
  • HP-UX swap types
  • HP-UX pseudoswap
  • Enabling swap via the CLI
  • Enabling swap via /etc/fstab
  • Monitoring swap space
  • Disabling swap
  • Guidelines for configuring swap space

Maintaining Logical Volumes and File Systems

  • Defragmenting file systems
  • Repairing corrupted file systems
  • Monitoring free space
  • Reclaiming wasted file system space
  • Extending, reducing, and removing volume groups
  • Extending, reducing, and removing logical volumes
  • Extending and reducing file systems

Preparing for Disasters

  • Disaster recovery, mirroring, and DRD concepts
  • Using DRD to minimize planned downtime
  • Using DRD to minimize unplanned downtime
  • Installing DRD
  • Using the drd command
  • Creating a DRD clone
  • Synchronizing a DRD clone
  • Verifying a DRD clone’s status
  • Accessing inactive images via DRD-safe commands
  • Managing software via DRD-safe commands
  • Managing kernel tunables via DRD-safe commands
  • Accessing inactive images via other commands
  • Activating and deactivating an inactive image
  • Customizing the make_*_recovery archive contents
  • Backing up the boot disk via make_tape_recovery
  • Backing up the boot disk via make_net_recovery
  • Using a make_*_recovery archive
  • Interacting with the recovery process

Accessing the System Console and the iLO/MP

  • Management processor concepts
  • Viewing MP/console ports
  • Connecting MP serial and LAN ports
  • Accessing the MP
  • Navigating the MP menu and web interfaces
  • Accessing nPar, vPar, and VM consoles
  • Accessing the VFP, console log, and system event log
  • Accessing the MP help menus
  • Accessing the MP command menu
  • Configuring the MP LAN interface
  • Enabling MP remote access
  • Managing MP user accounts and access levels
  • Managing MP login sessions
  • Rebooting via the MP

Booting PA-RISC Systems

  • HP-UX shutdown and reboot concepts
  • PA-RISC boot process major players
  • PA-RISC boot disk structures
  • PA-RISC boot process overview
  • Autoboot and manual boot concepts
  • Interacting with the BCH and ISL/IPL

Booting Integrity Systems

  • HP-UX shutdown and reboot concepts
  • Integrity boot process major players
  • Integrity boot disk structures
  • Integrity boot disk system, OS, and HPSP structures
  • Integrity and PA-RISC boot process comparison
  • UEFI/EFI addressing concepts
  • Autoboot and manual boot concepts
  • Booting from primary, alternate, and arbitrary boot devices
  • Booting from Ignite-UX servers and recovery archives
  • Managing boot menu settings
  • Managing console settings
  • Interacting with the UEFI/EFI shell
  • Interacting with the hpux.efi OS loader

Configuring the HP-UX Kernel

  • Kernel configuration concepts
  • Special kernel configurations
  • Kernel configuration commands
  • Modifying the current kernel configuration
  • Creating a named configuration
  • Copying a configuration
  • Loading a configuration
  • Kernel module concepts, states, and state changes
  • Viewing and managing module states
  • Kernel tunable concepts and types
  • Viewing, managing, and monitoring kernel tunables
  • Viewing, managing, and monitoring kernel resource alarms
  • Kernel troubleshooting
  • Viewing the kernel change log
  • Booting from an alternate kernel
  • Booting via override parameters
  • Booting to tunable maintenance mode

Managing Software with SD-UX

  • SD-UX software structure concepts
  • SD-UX software depot concepts
  • SD-UX IPD concepts
  • SD-UX daemon and agent concepts
  • Listing software
  • Installing and updating software
  • Removing software

Managing Patches with SD-UX

  • Patch concepts
  • Patch naming convention concepts
  • Patch supersession concepts
  • Patch rating concepts
  • Patch source concepts
  • Patch tool concepts
  • Downloading and installing patches from the HPSC
  • Installing patches from DVD, tape, and directory depots
  • Listing patches
  • Removing patches

Installing the OS with Ignite-UX

  • Install source concepts
  • Planning an install
  • Choosing an operating environment
  • Choosing an install-time security bundle
  • Locating the source media
  • Initiating a PA-RISC install
  • Initiating an Integrity install
  • Navigating the Ignite-UX menus
  • Verifying an installation
  • Completing post-install configuration tasks

Self-Study Appendices

  • Managing printers
  • Connecting to a network
  • Navigating the System Administration Manager (SAM)
  • Configuring the HP-UX 11i v1 kernel

For more information about HP training programs in Ukraine visit the web site at http://www8.hp.com/ua/ru/training/index.html