Qlogic SANbox 5602 Installation Manual page 64
Fibre channel switch
Hide thumbs
Also See for SANbox 5602:
- User manual (324 pages) ,
- Supplementary manual (2 pages) ,
- Installation manual (228 pages)
Table of Contents
Advertisement
3 – Planning
Fabric Security
1.
Create a security set (Security_Set_2) on Switch_2.
2.
Create a Management Server group (Group_1) in Security_Set_2 with
Switch_2 and HBA_2 or APP_2 as its member.
Switch_2
HBA_2 or APP_2
3.
Configure security on HBA_2 or APP_2 using the appropriate management
tool. Logins between the Switch_2 and HBA_2 or APP_2 will be challenged
(MD5) for their respective secrets. Therefore, the secrets that you
configured for HBA_2 or APP_2 on Switch_2 must also be configured on
HBA_2 or APP_2.
4.
Save Security_Set_2 and prepare to activate it. Activating a security set
does not affect currently logged-in ports. Therefore, to apply the security
policy that you designed in the security database, you must offline the
secured ports, activate the security set, then place the secured ports online.
3-26
You must specify HBAs by node worldwide name. Switches can be
specified by port or node worldwide name. The type of switch
worldwide name you use in the switch security database must be the
same as that in the HBA security database. For example, if you specify
a switch with a port worldwide name in the switch security database,
you must also specify that switch in the HBA security database with the
same port worldwide name.
For MD5 authentication, create secrets.
Node WWN: 10:00:00:c0:dd:07:c3:4e
CT Authentication: True
Hash: MD5
Secret: 9876543210fedcba9
Node WWN: 10:00:00:c0:dd:07:c3:4d
CT Authentication: True
Hash: MD5
Secret: fedcba9876543210
MS Group: Group_1
0
59096-01 A
Advertisement
Table of Contents
