UnixPedia : HPUX / LINUX / SOLARIS: HPUX:- HPUX Partitions details

Wednesday, March 19, 2014

HPUX:- HPUX Partitions details

 

 

 

 

Secure Resource Partitions

 

Secure Resource Partitions enable the administrator to run multiple applications within a single nPar or vPar OS instance, while still providing each application guaranteed CPU,  memory, and I/O resources. Secure Resource Partitions utilize several HP-UX products:

 

Process Resource Manager (PRM) enforces minimum and maximum CPU, memory, and disk I/O bandwidth entitlements for each application. The administrator controls what percentage of system resources each Secure Resource Partition can utilize.

 

Processor Sets (PSETS) enable the administrator to assign one or more dedicated processors to an application, and reallocate PSET assignments when necessary.

 

Security Containment, a product introduced in 11i v2, facilitates the creation of security "compartments" that limit the network interfaces, sockets, files, directories, and kernel functions available to an application. Configuring each application in a separate security compartment ensures that applications can not intentionally or unintentionally interfere with other applications' resources.

 

IPFilter, an open source firewall solution, restricts network traffic flowing in and out of the SRP's network interfaces.

 

IPSec, a standards-based HP product that can optionally encrypt and authenticate network traffic flowing in and out of the SRP's network interfaces.

 

Secure Resource Partitions, an intuitive CLI / menu interface that automatically integrates and manages the components described above.

 

Secure Resource Partition Advantages:

Secure Resource Partitions enforce minimum and maximum CPU, memory, and disk I/O bandwidth entitlements for each application, and ensure that each application can only access its own files, directories, network interfaces and other resources.

 

Secure Resource Partition Disadvantages:

Secure Resource Partitions guarantee resource entitlements, but don't provide hardware or OS fault isolation. An OS panic or hardware failure causes all Secure Resource Partitions in the OS instance to fail.

 

 

 

No comments:

Post a Comment