beautypg.com

HP Integrity NonStop J-Series User Manual

Page 102

background image

Working with Patterns

Safeguard User’s Guide — 422089-020

9 - 6

Safeguard Pattern Configuration

The pattern protection records are stored in a new file in each volume’s SAFE
subvolume. The file name is SAFE.PATGUARD.

The integrity of the existing SAFE.GUARD files must be maintained. Therefore, the
existing rules for managing non-pattern protection records will be maintained, even
though the access result would be satisfied using a pattern protection record.
Therefore, when a file is created, renamed, or deleted, the existing legacy logic will be
employed to manage the appropriate SAFE.GUARD file. The exception to this rule is
the ONLY option.

Setting CHECK-DISKFILE-PATTERN to ONLY implies that maintaining the integrity of
the SAFE.GUARD files is not desired. This would be used by installations that have no
need to fall back to using the SAFE.GUARD files, such as installations that have not
used SAFEGUARD protection records prior to patterns; for example, installations that
required only authentication services. The use of ONLY is not recommended for
installations that have a substantial number of non-pattern protection records.

In order to avoid operational issues for installations that do have non-pattern protection
records, HP recommends you backup the SAFE.GUARD files, set the configuration to
FIRST, add pattern protection records and delete non-pattern protection records,
examine the audit trail, and when no accesses have been determined by non-patterns,
change the configuration to ONLY.

When ONLY is specified, you should limit use of ADD, ALTER, DELETE, FREEZE, or
THAW DISKFILE, SUBVOL, and VOLUME commands. This will preserve the content
of the SAFE.GUARD files. If the recommended approach is used, then the
SAFE.GUARD files will continue to be empty.

To fall back from ONLY, HP recommends you set the configuration to LAST, add
VOLUME, SUBVOL, and DISKFILE protection records, examine the audit trail, and
when no accesses have been determined by patterns, change the configuration to
OFF. Alternatively, the configuration can change from ONLY to FIRST or LAST rather
than OFF, depending upon the user requirements for mixing patterns and non-patterns.

Table 9-1

describes CHECK-DISKFILE-PATTERN settings. The 2 columns Normal and

Pattern indicate intermediate results returned from lookups of normal and pattern
protection records. The columns OFF, FIRST, LAST, and ONLY indicate the final
outcome after considering both outcomes from normal and pattern lookups, based on
the CHECK-DISKFILE-PATTERN setting.

This manual is related to the following products:
See also other documents in the category HP Computer hardware: