User Security Considerations; Meeting Query Security Attribute Requirements - Brocade Communications Systems StoreFabric SN6500B Administrator's Manual
Brocade ficon administrator's guide v7.1.0 (53-1002753-01, march 2013)
Hide thumbs
Also See for StoreFabric SN6500B:
- User manual (1505 pages) ,
- Command reference manual (1168 pages) ,
- Reference (934 pages)
Table of Contents
Advertisement
Administering FICON Fabrics
User security considerations
To administer FICON, you must have one of the following roles associated with your login name on
the switch:
•
•
•
•
The User and BasicSwitchAdmin roles are view-only. The ZoneAdmin and SecurityAdmin roles have
no access.
In an Admin Domain-aware fabric, if you use the FICON commands (ficonShow, ficonClear,
ficonCupShow, and ficonCupSet) for any Admin Domain other than AD0 and AD255, the current
switch must be a member of that Admin Domain. The output is not filtered based on the Admin
Domain. In virtual fabrics, these commands apply to the current logical or specified switch only.
Meeting Query Security Attribute requirements
In a cascaded switch configuration, FICON channels use an Extended Link Services Query Security
Attributes (ELS QSA) function to determine whether they are connected to a high integrity fabric.
When a FICON channel is connected to a fabric that is not high integrity, the channel will go into an
invalid attachment and isolated state (drop light), which then requires you to recover with the CPU
Hardware Management Console (HMC).
To ensure the FICON Channel QSA requirements have been met, be sure to configure the following
features:
•
•
FICON Administrator's Guide
53-1002753-01
•
User security considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
•
Preparing a switch for FICON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
•
Configuring switched point-to-point FICON . . . . . . . . . . . . . . . . . . . . . . . . . . 20
•
Configuring cascaded FICON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
•
FICON and FICON CUP in Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
•
Addressing modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
•
Clearing the FICON management database . . . . . . . . . . . . . . . . . . . . . . . . . 29
•
Automating CS_CTL Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
•
FICON best practices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Admin
Operator
SwitchAdmin
FabricAdmin
Insistent domain ID
Fabric Wide Consistency Policy => SCC:S (Strict mode)
Chapter
2
17
Advertisement
Table of Contents
Troubleshooting
