AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest - clic.rte.kernext
Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive and tape drive, when used for backups) within an operating system. This requirement addresses protection of user-generated data, as well as operating system-specific configuration data. Organizations may choose to employ different mechanisms to achieve confidentiality and integrity protections, as appropriate, in accordance with the security category and/or classification of the information.
Install 'clic.rte' fileset if it is not installed using command: # installp -aXYqg -d /dev/cd0 clic.rte Run the follow command to initialize and enable EFS on the system: # efsenable -a To create a new EFS-enabled JFS2 file system and mount the file system, using the following commands: # crfs -v jfs2 -g rootvg -m /fs2 -a size=100M -a efs=yes # mount /fs2 To enable EFS on a JFS2 file system (like, /fs3), run the following command: chfs -a efs=yes /fs3