Port Security; Device Security; Port Binding Dialog Box - HP StorageWorks 8/20q User Manual

Hp storageworks 8/20q and sn6000 fibre channel switch enterprise fabric management suite user guide (5697-0420, june 2010)
Hide thumbs Also See for StorageWorks 8/20q:
Table of Contents

Advertisement

Port security

Port binding ties a specific device WWN to a physical port number. Using the Port Binding dialog box,
you can enable/disable port binding for the port and add WWNs to the list of WWNs bound to the port.
The dialog box displays the port binding data received from the switch for the selected port.
To bind a WWN to a port:
1.
Select a switch in the fabric tree.
2.
Select a port, and select Port > Port Binding to open the Port Binding dialog box
3.
Select a WWN in the WWN field, and click Add to place the WWN into the WWN List. You can
specify a maximum of 32 WWNs. To remove a WWN from the list, select the WWN, and click
Remove.
4.
To enable port binding for the list of WWNs, check the Port Binding checkbox, and click OK.
NOTE:
Enabling port binding for an empty WWN list will isolate the port.
Figure 30

Port Binding dialog box

Device security

Device security provides for the authorization and authentication of devices that you attach to a switch. You
can configure a switch with a group of devices against which the switch authorizes new attachments by
devices, other switches, or devices issuing management server commands.
Device security is configured through the use of security sets and groups. A group is a list of device World
Wide Names that are authorized to attach to a switch. There are three types of groups: one for other
switches (ISL), another for devices (Port), and a third for devices issuing management server commands
(MS).
A security set is a set of up to three groups with no more than one of each group type. The orphan security
set contains the security groups and members that do not belong to a security set. Activating a security set
applies security to the switch or fabric. Only one security set can be active at one time.
An active security set with an ISL group allows changes to the security set to propagate to the other
switches in the ISL group. ISL group WWN, domain ID, and configuration information (except secrets)
propagate to the other switches in the ISL group so that all of the switches have the same security
information. If fabric binding is enabled on the ISL group, WWNs and domain IDs are verified against the
ISL group information before allowing a connection by another switch, providing another level of security.
66
Managing Fabric Security
(Figure
30).

Advertisement

Table of Contents
loading

This manual is also suitable for:

Sn6000

Table of Contents