Fabric Os Features In Access Gateway Mode - Brocade Communications Systems A7533A - Brocade 4Gb SAN Switch Base Administrator's Manual
Brocade access gateway admin guide v6.1.0 (53-1000605-02, june 2008)
Hide thumbs
Also See for A7533A - Brocade 4Gb SAN Switch Base:
- Reference manual (1240 pages) ,
- Command reference manual (894 pages) ,
- Reference (550 pages)
Table of Contents
Advertisement
1
Brocade Access Gateway
FIGURE 1
The following points summarize the differences between a Fabric OS switch in Native mode and a
Fabric OS switch in AG mode:
•
•
Fabric OS features in Access Gateway mode
When a switch is behaving as an Access Gateway, RBAC features in Fabric OS are available, but
Admin Domains, Advanced Performance Monitoring, direct connection to SAN target devices are
available, Fibre Channel Arbitrated Loop support, Fabric Manager, FICON, IP over FC, ISL trunking,
extended fabrics, management platform services, name services (SNS), port mirroring, SMI-S, and
zoning are not available. For more information on AG supported features, see
trunking considerations"
configure AG.
All security enforcement is done in the Enterprise fabric using the Advanced Device Security policy
(ADS), which secures virtual connections in the case where the physical connection to the SAN is
lost. When you enable the ADS policy, by default, every port is configured to allow all devices to log
in or be a part of the Access List. The Allow list restricts the number of devices that can log in to a
specified F_Port. Because all WWNs are a part of the Access List, you can identify which devices
are allowed to log in on a per F_Port basis by specifying the device's port WWN(PWWN). Using the
ag
--
For example, the Allow List can include the N_Port WWN and the PWWNs of all the HBAs connected
to the F_Ports that are mapped an N_Port, which is connected to a switch in AG mode. If there is an
ADS policy violation, the AG connection is disabled and all of the N_Ports to which the F_Ports are
connected are also disabled. For information on how to specify which devices to include or exclude
at login, see
devices cannot log in if ADS policy is enabled"
2
Access Gateway and fabric switch comparison
The Fabric OS switch in Native mode is a part of the fabric; it requires two to four times as
many physical ports, consumes fabric resources, and can connect to a Fabric OS fabric only.
AG is outside the fabric; it reduces the number of switches in the fabric and the number of
required physical ports. You can connect AG to either a Fabric OS, M-EOS, or Cisco-based
fabric.
on page 23. You must have the role of securityadmin, admin, or user to
adsset command, you can set the "Allow List" to All Access or No Access.
"Setting which devices can log in if ADS policy is enabled"
on page 9 or
on page 10.
Access Gateway Administrator's Guide
"Access Gateway
"Setting which
53-1000605-02
Advertisement
Table of Contents
