OpenVMS 7.2 Security Essentials

This paper attempts to build on the foundational article submitted by Steven Bourdon in March 2002 (Bourdon), by providing a security-focused overview of the basic tasks performed when installing a standalone OpenVMS server. The steps outlined below were carried out on a MicroVAX 3100 Model 40 using a standard OpenVMS installation kit for V7.2 of the operating system (OS), but they also can apply to most VAX or Alpha Server systems. These security essentials are a distillation of the concepts and counsel provided by the OpenVMS manual Guide to System Security, and the features of various components of an OpenVMS server. Each feature is assessed on its strengths and weaknesses as delivered. Improvements over delivered defaults are offered. Additional resources to take OpenVMS beyond the delivered essentials also are provided.