Table of Contents
Advertisement
Obtaining Professional
Services
Server and
Storage-Level
Access Control
•
Reasons for zone implementation - Determine if zoning is to be
implemented for the enterprise. If so, evaluate if the purpose of
zoning is to differentiate between operating systems, data sets,
user groups, devices, processes, or some combination thereof.
Plan the use of zone members, zones, and zone sets accordingly.
•
Zone members specified by port number or WWN - Determine
if zoning is to be implemented by port number or WWN. Because
changes to port connections or fiber-optic cable configurations
disrupt zone operation and may incorrectly include or exclude a
device from a zone, zoning by WWN is recommended. However,
if zoning is implemented by WWN, removal and replacement of a
device HBA or Fibre Channel interface disrupts zone operation
and will exclude a new device from a zone unless the device is
added to the zone set.
•
Zoning implications for a multiswitch fabric - For a multiswitch
fabric, zoning is configured on a fabric-wide basis, and any
change to the zoning configuration is applied to all switches in
the fabric. To ensure zoning is consistent across a fabric, there can
be no duplicate Domain_IDs, the active zone set name must be
consistent, and zones with the same name must have identical
elements. Ensure these rules are enforced when planning zones
and zone sets, and carefully coordinate the zoning and
multiswitch fabric tasks.
Planning and implementing the zoning feature is a complex and
difficult task, especially for multiswitch fabrics. Obtain planning
assistance from McDATA's professional services organization before
implementing the director or switch zoning feature.
To enhance the access barriers and network security provided by
zoning through the director or fabric switch, security measures for
SANs can also be implemented at servers and storage devices.
Server-level access control is called persistent binding. Persistent
binding uses configuration information stored on the server and is
implemented through the server's HBA driver. The process binds a
server device name to a specific Fibre Channel storage volume or
logical unit number (LUN), through a specific HBA and storage port
WWN. For persistent binding:
Physical Planning Considerations
Physical Planning Considerations
5
5-29
Advertisement
Table of Contents
