Cisco Nexus 6000 Series Configuration Manual page 24

Overview
SAN Switching Overview
and hijacking even over untrusted links. A consistent set of policies and management actions are propagated
through the fabric to provide a uniform level of security across the entire fabric.
Port Security
The port security feature prevents unauthorized access to a switch port by binding specific world-wide names
(WWNs) that have access to one or more given switch ports.
When port security is enabled on a switch port, all devices connecting to that port must be in the port security
database and must be listed in the database as bound to a given port. If both of these criteria are not met, the
port will not achieve an operationally active state and the devices connected to the port will be denied access
to the SAN.
Fabric Binding
Fabric binding ensures Inter-Switch Links (ISLs) are enabled only between specified switches in the fabric
binding configuration, which prevents unauthorized switches from joining the fabric or disrupting the current
fabric operations. This feature uses the Exchange Fabric Membership Data (EEMD) protocol to ensure that
the list of authorized switches is identical in all of the switches in a fabric.
Fabric Configuration Servers
The Fabric Configuration Server (FCS) provides discovery of topology attributes and maintains a repository
of configuration information of fabric elements. A management application is usually connected to the FCS
on the switch through an N port. Multiple VSANs constitute a fabric, where one instance of the FCS is present
per VSAN.
Cisco Nexus 6000 Series NX-OS SAN Switching Configuration Guide, Release 6.x
4 OL-27932-01