This chapter describes those steps which must be taken by the VMS system manager to get LJK/Security up and running in your environment..

There are four phases involved in starting up from scratch:

1. Choosing the Master Node
2. Installation on the Master Node
3. Installation on Tributary Nodes
4. Starting Operation after a New Installation

The second and third steps must be performed by someone with full system management privileges on the machine(s) in question.

The example shown below takes program defaults wherever possible, for instance assuming that DECnet connections will be used for all communications between the master node and the tributary nodes.

In many cases 95% of the criteria you want will be taken care of by these default values. As you gain experience you can turn to the part about Site-Specific Customization Part, but initially you should use the built-in defaults.

Control of the assessment process is done from a single node ¹ designated as the master node. Factors you should consider in selecting that node include:

• Security
  Results of LJK/Security assessments are sensitive information because they list the security vulnerabilities of your computer systems.
• Availability
  If you are using DECnet for the transport medium (the default), try to pick a master node that is usually running at hours when you plan to run assessments on the tributary nodes (the other nodes). It is usually more efficient to run them during off-peak hours.
  Another consideration regarding availability is the availability of DECnet links and routers that may be required to reach the master node from the tributary node.
  If a DECnet connection cannot be made when the results of assessments are ready to be shipped back to the master node for reporting, LJK/Security will keep trying until it is available, but trying repeatedly is less efficient than succeeding the first time.

2.2 Installation on the Master Node

To install LJK/Security on the master node you will need disk space on the system disk of the master node as shown in Table 2-1. If there is insufficient space available, the VMSINSTAL procedure will exit with an appropriate error message.

Table 2-1 Master Node Disk Space Requirements

	Maximum Options		Minimum Options
	System Disk	Data Disk	System Disk	Data Disk
peak	50,000	6000	43,000	2500
net	40,000	6000	40,000	2500

Ensure users are logged off the master node. If they remain on during the installation, one of them could be accessing the VMS help library at the moment when the VMSINSTAL command procedure tries to update it, causing the installation to fail.

Effective with VAX VMS V5.4, VMSINSTAL sends a message to all users urging them to exit help. This is transmitted at 15 second intervals up to 20 times.

Although there is a kit provided for installing LJK/Security with the PRODUCT INSTALL command, LJK Software strongly recommends the VMSINSTAL.COM method due to shortcomings and version-to-version differences in PRODUCT INSTALL.

2.2.1 Installation on the Master Node using VMSINSTAL.COM

1. Mount the LJK/Security distribution CDROM:

   $ MOUNT ddcu: LJK_SEC_031

   replacing ddcu: with the name of your CDROM drive.

2. Invoke the VMSINSTAL command procedure specifying the product CDROM:

   $ @SYS$UPDATE:VMSINSTAL * DISK$LJK_SEC_031:[LJK_SECURITY031.KIT]

3. You will be asked 2 or 13 questions. The one you should concentrate on is the first one (about UIC selection). You should choose an unused UIC group number in coordination with any UIC-assignment plan in effect at your site.

   * What UIC group should be used for username LJK$SECURITY: 25 * Would you like the simplified installation dialog [YES]? * Is that object number for transmitting REQUESTS satisfactory [YES]? * Is that object number for receiving RESULTS satisfactory [YES]? * Is that treatment of other cluster member nodes acceptable [YES]? * Is that location for LJK/Security files satisfactory [YES]? * Is that DECwindows interface decision acceptable [YES]? * Is that Bookreader documentation decision acceptable [YES]? * Is that SHA1 checksum command procedure decision acceptable [YES]? * Is that Simple checksum command procedure decision acceptable [YES]? * Is that DoD Instruction 8500.2 command procedure decision acceptable [YES]? * Is that NIST 800-53 and 800-53a command procedure decision acceptable [YES]? * Is that CNSS Instruction 1253a command procedure decision acceptable [YES]? * Is that PCI DSS command procedure decision acceptable [YES]?

   Explanations of each question will be given before it is asked. You can get further information about any question by responding with a question mark (?), and for all but the first question you can respond with a carriage return to get the default behavior.
   

   Note The ability to let other cluster member nodes serve as LJK/Security master node depends on the VMS cluster alias node number feature. Therefore it will not be enabled for master nodes running VMS V4.2 or V4.3.

4. On an initial installation where file [000000]QUOTA.SYS is present, you will be reminded of the need to add disk quota for the LJK$SECURITY UIC.
   

   A disk quota file is present on the system disk, so you must ensure at least 10000 blocks of quota is given to UIC [25,1] ([LJK$SECURITY]).

5. On an initial installation under VMS V4.7 or earlier, you will also be told to insert a command in your site-specific system startup command procedure to enable LJK/Security each time the machine is booted.

   To set up LJK/Security on each system boot, your site-specific startup command file (SYS$COMMON:[SYSMGR]SYSTARTUP.COM) must contain the following line: $ @SYS$MANAGER:LJK$SECURITY_STARTUP

If you accepted the default action of installing Bookreader documentation for LJK/Security, the file LIBRARY.DECW$BOOKSHELF is installed in the area LJK$SECURITY_POLICY_AREA:, along with the actual Bookreader documentation (file type .DECW$BOOK). An individual user can access this information by defining the logical name DECW$BOOK to have an equivalence name of LJK$SECURITY_POLICY_AREA:. For longer term access it is better to make the LJK$SECURITY_POLICY_AREA: equivalence name be just one in a series of equivalence names for the logical name DECW$BOOK. This can be done as a system logical name to make the information generally available.

For experienced users of VMSINSTAL, optional features of that VMS facility are available when installing LJK/Security, with the following exceptions:

• Alternate Root
  Since the installation adds the username LJK$SECURITY to the system authorization file, VMSINSTAL mechanisms do not allow specification of alternate roots with this product.

As with other software products installed for the first time on VMS, if any other user was logged in during the installation, they will not be able to access the LJK/SECURITY command until they log out and log in again.

A complete sample script of a default installation on the master node can be found in Appendix A.

You will need disk space available on the system disk of the tributary node as shown in Table 2-2. If there is insufficient space available, the VMSINSTAL procedure will exit with an appropriate error message.

Table 2-2 Tributary Node Disk Space Requirements

	AXP	VAX
peak	20,000	21,000
net	13,000	7000

1. To permit access to the software just installed on the master node, you should log out and log back in again.
2. Log back in to the master node under a username which has appropriate facility-specific identifiers or is otherwise authorized as discussed in Section 5.4 (full privileges are not necessary for this part).
3. Build a software kit to install on tributary nodes using the following command:

   $ LJK/SECURITY KIT_BUILD/FILESPEC=LJK$SECURITY_RESULT_AREA:

4. Log into a fully privileged account on each tributary node and issue the commands:

   $ COPY node"username password"::LJK$SECURITY_RESULT_AREA:LJK_SECURITY%%%.% - SYS$LOGIN: $ @SYS$UPDATE:VMSINSTAL * SYS$LOGIN:

   where node is the name of the master node.

   Note At least as of VMS V5.4, DEC had coded the VMSINSTAL command procedure so that it cannot directly access save sets across DECnet with explicit access control strings. A separate COPY command is the recommended method (as above), on the presumption that a security-conscious site will not have default DECnet accounts established, particularly on the machine chosen for a LJK/Security master node.

   You will be asked 1 question, about UIC selection. You should choose an unused UIC group number in coordination with any UIC-assignment plan in effect at your site. This group must be unused on all nodes in the same cluster as this tributary node, but does not need to be the same as the group number used on the master node.

   * What UIC group should be used for username LJK$SECURITY: 362

   Explanations of this question will be given before it is asked. You can get further information about the question by responding with a question mark (?).

5. On an initial installation where file [000000]QUOTA.SYS is present, you will be reminded of the need to add quota for the LJK$SECURITY UIC.
   

   A disk quota file is present on the system disk, so you must ensure at least 4000 blocks of quota is given to UIC [362,1] ([LJK$SECURITY]).

6. On an initial installation under VMS V4.7 or earlier, you will also be told to insert a command in your site-specific system startup command procedure to enable LJK/Security each time the machine is booted.

   To set up LJK/Security on each system boot, your site-specific startup command file (SYS$COMMON:[SYSMGR]SYSTARTUP.COM) must contain the following line: $ @SYS$MANAGER:LJK$SECURITY_STARTUP

Magnetic media installation is described in Chapter 10, Using LJK/Security With Removable Media. That may be of interest if transmission lines are slow or if you choose to avoid DECnet for other reasons, such as security.

A complete sample script of a default installation on the tributary node can be found in Appendix B.

The steps remaining in the initial setup can be carried out by the security officer---someone with appropriate facility-specific identifiers or who is otherwise authorized as discussed in Section 5.4 on the master node. Full system management privileges are not required.

Regardless of which interface you use, as a brand new user of LJK/Security you will likely have an easier time devising your initial automatic testing policies if you run with resource-intensive tests disabled until you feel the rest of your policy settings accurately represent your goals.

Make appropriate use of the /METHOD= qualifier with commands like:

$ LJK/Security RUN <assessment-name> /METHOD=QUICK

2.4.2 Testing against Mandated Standards

Those who want to assess VMS security against a standard like NIST, CNSS, PCI-DSS or DoD 8500.2 should consult Appendix K, Creating Policies Based on Examples after installation.

Depending on the type of terminal you have, refer to one of the following sections:

• Section 3.3, Using the Window Interface on a New Installation
• Section 4.2, Using the Menu Interface on a New Installation
• Section 5.6, Using the Command Interface on a New Installation