Device Security - Qlogic SANbox 3810 Installation Manual

Fibre channel switch

Planning
Security
The SSL handshake process between the workstation and the switch involves an
exchange of certificates. These certificates contain the public and private keys
that define the encryption. When the SSL service is enabled, a certificate is
automatically created on the switch. The workstation validates the switch
certificate by comparing the workstation date and time to the switch certificate
creation date and time. For this reason, it is important to synchronize the
workstation and switch with the same date, time, and time zone. The switch
certificate is valid 24 hours before its creation date and 365 days after its creation
date. If the certificate should become invalid, create a new certificate using the
Create Certificate CLI command. Refer to the SANbox 3810 Fibre Channel Switch
Command Line Interface Guide for information about the Create Certificate CLI
command.
Consider your requirements for connection security for the command line
interface (SSH).

Device Security

Device security provides for the authorization and authentication of devices that
you attach to a switch. You can configure a switch with a group of devices against
which the switch authorizes new attachments by devices or devices issuing
management server commands. Device security is configured through the use of
security sets and groups.
A group is a list of device worldwide names that are authorized to attach to a
switch. There are three types of groups: one for other switches (ISL)¹, another for
devices (port), and a third for devices issuing management server commands
(MS).
A security set is a set of up to three groups with no more than one of each group
type. The security configuration is made up of all security sets on the switch. The
security database has the following limits:
Maximum number of security sets is 4.
Maximum number of groups is 16.
Maximum number of members in a group is 1000.
Maximum total number of group members is 1000.
In addition to authorization, the switch can be configured to require authentication
to validate the identity of the connecting device or host.
Consider the devices and management agents and evaluate the need for
authorization and authentication.
¹ The SANbox 3810 switch cannot be connected to another switch, and therefore does not support
ISL groups.
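
The following planning aid is an added example, not part of the QLogic manual or the switch software: it checks a proposed set of groups and security sets against the limits and group-type rules stated above before anything is entered on the switch. The dictionary layout, the function name, the isl_supported parameter, the colon-separated WWN notation, and the way the total member count is tallied are all assumptions.

```python
import re

# Limits taken from the security database list in this section.
MAX_SETS, MAX_GROUPS, MAX_GROUP_MEMBERS, MAX_TOTAL_MEMBERS = 4, 16, 1000, 1000
GROUP_TYPES = {"ISL", "port", "MS"}
# Assumption: worldwide names are written as eight colon-separated hex bytes.
WWN_RE = re.compile(r"([0-9a-f]{2}:){7}[0-9a-f]{2}", re.IGNORECASE)

def check_security_plan(groups, security_sets, isl_supported=False):
    """groups: {name: {"type": ..., "members": [wwn, ...]}}; security_sets:
    {name: [group name, ...]} (hypothetical layout). Returns a list of problems."""
    problems = []
    if len(security_sets) > MAX_SETS:
        problems.append(f"{len(security_sets)} security sets (limit {MAX_SETS})")
    if len(groups) > MAX_GROUPS:
        problems.append(f"{len(groups)} groups (limit {MAX_GROUPS})")
    total = 0
    for name, group in groups.items():
        if group["type"] not in GROUP_TYPES:
            problems.append(f"group {name}: unknown type {group['type']!r}")
        elif group["type"] == "ISL" and not isl_supported:
            problems.append(f"group {name}: ISL groups not supported on this switch")
        total += len(group["members"])
        if len(group["members"]) > MAX_GROUP_MEMBERS:
            problems.append(f"group {name}: over {MAX_GROUP_MEMBERS} members")
        for wwn in group["members"]:
            if not WWN_RE.fullmatch(wwn):
                problems.append(f"group {name}: malformed WWN {wwn!r}")
    # Assumption: every membership entry counts toward the total.
    if total > MAX_TOTAL_MEMBERS:
        problems.append(f"{total} group members in total (limit {MAX_TOTAL_MEMBERS})")
    for set_name, group_names in security_sets.items():
        seen_types = set()  # a set may hold at most one group of each type
        for group_name in group_names:
            if group_name not in groups:
                problems.append(f"set {set_name}: undefined group {group_name}")
                continue
            group_type = groups[group_name]["type"]
            if group_type in seen_types:
                problems.append(f"set {set_name}: more than one {group_type} group")
            seen_types.add(group_type)
    return problems

# Constructed sample plan: two port groups in one set, and one truncated WWN.
SAMPLE_GROUPS = {
    "hosts": {"type": "port", "members": ["10:00:00:c0:dd:00:71:ed"]},
    "arrays": {"type": "port", "members": ["21:00:00:e0:8b:02:41:2f", "2100e08b"]},
    "mgmt": {"type": "MS", "members": ["10:00:00:c0:dd:00:90:a1"]},
}
SAMPLE_SETS = {"prod": ["hosts", "arrays", "mgmt"]}
```

Calling check_security_plan(SAMPLE_GROUPS, SAMPLE_SETS) reports the malformed WWN and the duplicate port group; an empty list means the plan fits within the stated limits.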
59268-00 A