Table of Contents
Advertisement
User account security
User account security consists of the administration of account names, passwords, expiration date, and
authority level. If an account has Admin authority, all management tasks can be performed by that account
in McDATA Web Server, McDATA Element Manager, and the Telnet CLI. Otherwise only monitoring tasks
are available. The default account name, Admin, is the only account that can create or change account
names and passwords. Account names and passwords are always required when connecting to a switch.
Authentication of the user account and password can be performed locally using the switch's user account
database or it can be done remotely using a RADIUS server such as Microsoft
user logins on a RADIUS server requires a secure management connection to the switch. See
security" on page 24 for information about securing the management connection. A RADIUS server can
also be used to authenticate devices and other switches as described in
Consider your management needs and determine the number of user accounts, their authority needs, and
expiration dates. Also consider the advantages of centralizing user administration and authentication on a
RADIUS server.
NOTE:
If the same user account exists on a switch and its RADIUS server, that user can login with either
password, but the authority and account expiration will always come from the switch database.
Fabric management
Your choice of management tool depends on the number of fabrics you want to manage and the types of
switches:
•
The CLI provides configuration and control for one and only one McDATA 4Gb SAN Switch through a
Telnet session.
•
McDATA Web Server provides configuration and control for one fabric made up exclusively of McDATA
4Gb SAN Switches.
•
HAFM with McDATA Element Manager provides configuration and control for multiple fabrics that
consist of a mix of McDATA 4Gb SAN Switches and M-series McDATA switches. McDATA Element
manager requires a PFE key and must be launched from HAFM.
A switch supports a combined maximum of 19 logins reserved as follows:
•
4 logins or sessions for internal applications such as management server and SNMP
•
9 high priority Telnet sessions
•
6 McDATA Web Server, McDATA Element Manager, or Telnet logins. Additional logins will be refused.
Consider your fabric management needs including the number of fabrics and types of switches. Also
consider the number of management workstations that are are needed and their operating systems. See
"Fabric management
26
Planning
workstation" on page 27 for information about workstation requirements.
®
RADIUS. Authenticating
"Connection
"Device
security" on page 25.
Advertisement
Table of Contents
