What allows us to do this

  1. NIS: network information system contains things like:
    1. file shares: /gaia/hostname/diskname
    2. groups: trustedhosts, seisadm, seis-nets
    3. no local user accounts
    4. lpstat -a; queue name
    1. Policy Based Security Depends on:
      1. the host
      2. the user
      3. the process
    2. trustedhosts=
      1. the os/hardware is supported by computing staff
      2. there is a disater recovery plan for that systems os
      3. root passwd is turned over to computing staff
      4. the number of services on the host is limited
      5. all logins are logged
      6. eeprom is passwd protected
    3. only trusted hosts are allowed to make use of certain network resources: file shares (maybe printers, maybe certain hosts)
  3. Logging
    1. Internal Logging
    2. External Logging
    3. Miscellaneous Logging