User Account Security; Device Security - Qlogic SANbox2-16 Installation Manual

Hide thumbs Also See for SANbox2-16:

Supplementary manual (2 pages)

Installation manual (180 pages)

Installation manual (228 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

Table of Contents

3.4.4

User Account Security

User account security consists of the administration of account names,

passwords, expiration date, and authority level. If an account has Admin authority,

all management tasks can be performed by that account in both SANbox Manager

and the Command Line Interface. Otherwise only monitoring tasks are available.

The default account name, Admin, is the only account that can administer user

accounts. Refer to

needs and determine the number of user accounts, their authority needs, and

expiration dates.

Account names and passwords are always required when connecting to a switch

through Telnet. However, SANbox Manager does not authenticate account names

when opening a fabric unless the UserAuthentication parameter is set to True

using the Set Setup System command. Refer to the

page B-54

configured the same for all switches in the fabric. If the UserAuthentication

parameter is False (default), SANbox Manager logs you in with the Admin account

name and password (password). Consider your user accounts and determine

whether user authentication is necessary.

3.4.5

Device Security

Device security provides for the authorization and authentication of devices that

you attach to a switch. You can configure a switch with a group of devices against

which the switch authorizes new attachments by devices, other switches, or

applications issuing management server commands. In addition to authorization,

the switch can be configured to require authentication of the connecting device

through the use of a password or secret.

Device security is configured through the use of security sets and groups. A group

is a list of device worldwide names that are authorized to attach to a switch. There

are three types of groups: one for other switches (ISL), another for N_Port devices

(port), and a third for devices or applications issuing management server

commands (MS). Device security is not supported for loop devices. A security set

is a set of up to three groups with no more than one of each group type. The

security database is made up of all security sets on the switch. The security

database has the following limits:

The maximum number of security sets is 4.

The maximum number of groups is 16.

The maximum number of members in a group is 1000.

The maximum total number of group members is 1000.

Consider the devices, switches, and management agents and evaluate the need

for authorization and authentication.

59021-07 A

"Device Security" on page

for more information. The UserAuthentication parameter must be

3-11. Consider your management

"Set Setup Command" on

3 – Planning

Device Access

3-11

Table of Contents

Need help?

Do you have a question about the SANbox2-16 and is the answer not in the manual?

User Account Security; Device Security - Qlogic SANbox2-16 Installation Manual

User Account Security

Device Security

Need help?

Related Manuals for Qlogic SANbox2-16

Related Content for Qlogic SANbox2-16

Table of Contents