DIGITAL


      AV-PQRDE-TE



                 Read This Before Installing POLYCENTER
              Security Compliance Manager on UNIX Systems


      Thank you for purchasing POLYCENTER[TM] Security Compliance Man-
      ager (CM). Please ensure that you have the appropriate license
      for the software. You can obtain licenses from your Digital [TM]
      sales representative. To use the POLYCENTER Security CM soft-
      ware, you must have a POLYCENTER Security CM license. Before in-
      stalling POLYCENTER Security CM, carry out the following steps:

      1. Verify that all items listed on the Software Bill of Mate-
         rials are included in the software distribution kit and are
         not damaged. If items are missing or damaged, or if you find
         defective media during the installation process, contact your
         Digital sales representative.

      2. Before you begin to install the software, read one of the fol-
         lowing:

         o  POLYCENTER Security Compliance Manager for Digital UNIX
            and ULTRIX Installation Guide.

         o  POLYCENTER Security Compliance Manager for AIX, HP-UX, SunOS,
            and Solaris 2 Installation Guide.

         ©Digital  Equipment Corporation 1996. All rights reserved.

      __________________
  [TM] Digital, POLYCENTER, ULTRIX, VAX, and the DIGITAL logo are trade-
       marks of Digital Equipment Corporation.
      AIX is a registered trademark of International Business Machines
      Corporation.
      HP is a registered trademark of Hewlett-Packard Company.
      SunOS and Solaris are registered trademarks of Sun Microsystems,
      Inc.
      UNIX is a registered trademark in the United States and other
      companies, licenced exclusively through X/Open Company Ltd.

 






      3. If you are installing the software on an ULTRIX[TM] or Dig-
         ital UNIX[R] system, register the relevant License Product
         Authorization Key (License PAK).



      After installing the software, read the POLYCENTER Security CM
      Release Notes, contained in one of the following files:

      o  /usr/kits/SAR250/doc/inspect250.release_notes on AIX[R] sys-
         tems

      o  /usr/opt/SOA250/doc/inspect250.release_notes on Digital UNIX
         systems

      o  /usr/kits/SHP240/doc/inspect240.release_notes on HP[R]-UX sys-
         tems

      o  /usr/kits/SLS250/doc/inspect250.release_notes on Solaris[R]
         systems

      o  /usr/kits/SSS240/doc/inspect240.release_notes on SunOS[R] sys-
         tems

      o  /usr/kits/SUV240/doc/inspect240.release_notes on VAX[TM] UL-
         TRIX systems

      o  /usr/kits/SUR240/doc/inspect240.release_notes on RISC ULTRIX
         systems

      POLYCENTER Security CM for ULTRIX and POLYCENTER Security CM for
      Digital UNIX include support for the License Management Facil-
      ity (LMF). You must register a License Product Authorization Key
      (License PAK) in the License Database (LDB) before you use POLY-
      CENTER Security CM on a newly licensed node. Use the PAK as in-
      structed in the Installation Guide. Keep the PAK in a safe place
      for use with later releases of the operating system.

      A copy of the book, Practical UNIX[R] Security by Garfinkel and
      Spafford (copyright © O'Reilly & Associates, Inc.) is shipped
      with the POLYCENTER Security CM kit. This book contains useful
      recommendations on making your system more secure.

      The POLYCENTER Security CM software also includes an inspector
      that is based on the recommendations contained in the book. When
      you run POLYCENTER Security CM for the first time, the inspec-
      tor list contains an inspector called Practical UNIX Security.

                                     2

 






      To help you to understand the tests in this inspector, the hi-
      erarchy of the inspector matches the structure of the book.

      To use POLYCENTER security CM as part of a network security tool,
      you must create a Required Inspector that tests the system for
      compliance with your organization's security policy. The book
      Practical UNIX Security and the inspector based on its recom-
      mendations provide a valuable reference for defining both the
      security policy and the Required Inspector.





      Possession, use, or copying of the software described in this
      documentation is authorized only pursuant to a valid written li-
      cense from Digital, an authorized sublicensor, or the identi-
      fied licensor.

      While Digital believes the information included in this publi-
      cation is correct as of the date of publication, it is subject
      to change without notice.

      Digital Equipment Corporation makes no representations that the
      interconnection of its products in the manner described in this
      document will not infringe existing or future patent rights, nor
      do the descriptions contained in this document imply the grant-
      ing of licenses to make, use, or sell equipment or software in
      accordance with the description.



















                                     3