Home » HP Manuals » Hubs & Switches » HP 316095-B21 » Manual Viewer

HP 316095-B21 FW 08.01.00 McDATA EFCM Basic User Manual (620-000240-000, Novem - Page 91

Controlling Access at the Switch, Controlling Access at the Server or Storage Device, Port Binding

UPC - 808736488280

Add to My Manuals
Save this manual to your list of manuals

Page 91 highlights

Understanding Zoning 4 Controlling Access at the Switch Controlling Access at the Server or Storage Device A port binding feature is available on switches and directors that allows you to "bind" a specific switch or director port to the world wide name (WWN) of an attached device for exclusive communication. This Port Binding feature is available through the the Port Binding command, under the Security menu (see Configuring Port Binding on page 5-33). Features available at the server or storage device can add methods beyond zoning to increase network security measures, differentiate between operating systems, and prevent data loss or corruption by controlling access between devices or between separate user groups (such as engineering or human resources). Server-level access control is called persistent binding. Persistent binding uses configuration information stored on the server and is implemented through the server's host bus adapter (HBA) driver. The process binds a server device name to a specific Fibre Channel storage volume or logical unit number (LUN), through a specific HBA and storage port WWN. In essence, this feature creates a reliable route across the fabric that sustains the small computer system interface (SCSI) connection between a server and storage device. For persistent binding: • Each server HBA is explicitly bound to a storage volume or LUN, and access is explicitly authorized (access is blocked by default). • The process is compatible with open system interconnection (OSI) standards. The following are supported: - Different operating systems and applications. - Different storage volume managers and file systems. - Different fabric devices, including disk drives, tape drives, and tape libraries. • If the server is rebooted, the server-to-storage connection is automatically re-established. • The connection is bound to a storage port WWN. If the fiber-optic cable is disconnected from the storage port, the server-to-storage connection is automatically re-established when the port cable is reconnected. The connection is also automatically re-established if the storage port is cabled through a different managed product port. Configuring Zoning 4-5

Section	Page
Cover	1
Preface	15
Introduction	19
Overview	19
Using the EFCM Basic Interface to Perform Tasks	20
Benefits	22
Key Terms	23
Fabric	23
Storage Area Network (SAN)	23
Zone (Zoning)	23
Zone Member	23
Zone Set	23
Suggested Reading	24
Where to Start	24
Starting the EFCM Basic Interface	25
Using the EFCM Basic User Interface	28
Navigational Tools of the EFCM Basic Page	29
Licensed Features	31
Viewing Product Information	33
Opening the Hardware Page	33
Front View and Rear View	34
Product Information	35
Viewing the Port List	36
Port List	37
Port Information	39
Health Status Information	41
Transceiver Information	42
Viewing the FRU List	43
Viewing Operating Parameters	44
Viewing the Node List	46
Viewing Performance Information	47
Using the Performance Page	47
Parts of Statistics Tables	47
Port Utilization Percentages and Error Totals	48
Traffic Statistics	48
Error Statistics	49
Class 2 Statistics	51
Class 3 Statistics	51
Open Trunking Statistics	51
Configuring the Product	53
Factory Default Values	54
Configuring Ports	54
Configuring Basic Port Information	54
Configuring Port Rx BB_Credits	57
Configuring NPIV	59
Configuring Switch Information	61
Configuring Switch Identification	61
Configuring Switch Date and Time	62
Configuring Switch Parameters	63
Configuring Fabric Parameters for the Switch	66
Configuring Network Parameters for the Switch	68
Configuring SNMP	70
Configuring CLI and SSH	71
Configuring OSMS and Host Control	72
Configuring SSL	73
Zoning	76
Configuring Performance Parameters	77
Configuring Open Trunking	77
Configuring Preferred Paths	79
Configuring Port Fencing	82
Setting a Switch Online and Offline	84
Enabling and Disabling Software	85
Enabling and Disabling the CLI	85
Upgrade Options	86
Configuring Zoning	87
Understanding Zoning	87
Controlling Access Across a Fabric	88
Controlling Access at the Switch	91
Controlling Access at the Server or Storage Device	91
Zoning Concepts	92
Merging Zoned Fabrics	97
Using The Zoning Page	99
Creating and Modifying a Zone	100
Create a New Zone	100
Add Zones Members to a Zone	101
Remove Zone Members from a Zone	102
Save the Zone to the Zone Set	102
Rename a Zone	102
Configuring the Zone Set	103
Create a Zone Set	103
Name and Rename a Zone Set	104
Add Zones to the Zone Set	104
Delete Zones From the Zone Set	105
Change a Zone that is in the Zone Set	105
Activate and Cancel the Zone Set Changes	105
Deactivate the Active Zone Set	106
State of the Default Zone	106
Configuring Security	107
Defining Authentication Settings	107
Configuring User Authentication	108
Adding, Editing, and Deleting User Names	108
Defining User Properties	110
Defining Authentication Settings for the Product	111
User Accounts with RADIUS Server	111
Configuring Software Authentication	112
Defining Which Software Is Authenticated	112
Configuring Software Authentication Properties	114
Configuring Out-of-Band Settings	114
Configuring OSMS Settings	115
Configuring Device Authentication	116
Defining the CHAP Secret of the Product	117
Defining Port Authentication Sequences	117
Configuring Authentication Devices	118
Applying a CHAP Secret to the Device	118
Adding a Device to the Authentication Devices List	119
Removing a Device from the Authentication Devices List	119
Configuring Port Authentication	120
Configuring the IP Access Control List	121
Setting the IP ACL State	122
Adding New Members to the List	122
Editing the List	123
Deleting Members from the List	123
Configuring the RADIUS Server	124
Add an Entry to the RADIUS Server List	125
Edit an Entry on the RADIUS Server List	126
Delete an Entry from the RADIUS Server List	126
Configure Priority of the RADIUS Servers	126
Configuring the Dead Time Parameter	127
Enabling the Enterprise Fabric Mode	128
Features and Parameters Enabled with Enterprise Fabric Mode	128
Configuring Fabric Binding	131
Enable, Disable, and Online State Functions	132
Identify Fabric Binding Status	133
Load the Current Fabric to the FBML	133
Add Members to the FBML	133
Delete Members from the FBML	133
Activate Fabric Binding	134
Deactivate Fabric Binding	134
Configuring Switch Binding	135
Enable, Disable and Online State Functions	136
Define Switch Binding State	137
Adding Members to the SBML	137
Removing Members from the SBML	138
Configuring Port Binding	139
Enabling and Disabling Safe Zoning Mode	140
Upgrade Options	141
Viewing System Logs	143
Viewing the Event Log	144
Error Event Code Categories	145
Viewing the Link Incident Log	146
Viewing the Audit Log	148
Viewing the Security Log	150
Viewing the Open Trunking Re-Route Log	152
Viewing the Fabric Log	154
Viewing the Embedded Port Frame Log	156
Defining Filtering Settings	157
Viewing All Logs	158
Viewing Syslog Configuration	160
Enable and Disable Syslogs	161
Add a Syslog Recipient	161
Edit a Syslog Recipient	162
Delete Syslog Recipients	162
Specify Which Logs Are Sent to a Recipient	162
Performing Product Maintenance	163
Switch Maintenance Tasks	164
Set the Product Online State	164
Set the Unit Beaconing State	165
Clear System Error Lights	165
Perform a System Configuration Reset	165
Setting Individual Port Beaconing	167
Resetting Ports	168
Performing Diagnostics on a Port	169
Accessing System Files	171
Retrieve the Dump File	171
Create the Data Collection File	172
Configuration Backup	173
Configuration Restoration	174
Upgrading Firmware	175
Activating Optional Features	176
Viewing Product Information	177
Enabling and Disabling Unit Beaconing	179
Clearing the System Error Light	180
HA Power Supplies	180
Upgrade Options	180
Using the Fabric View	181
Overview of the Fabric View	181
Fabric View Elements	181
Fabric Tree	182
Product Boxes	183
Software Upgrade and Feature Installation	185
Adding Licensed Features	186
Licensed Features	187
Entering a Feature Key	187
Upgrading Your SAN Management System	189
Differences Between EFCM Basic and other McDATA Products	189
Enterprise Fabric Connectivity Manager	189
SANavigator	190
Features and Functions	191
Management Features Provided by EFCM and/or SANavigator	192
Configuring the Product	192
Maintaining the Product	192
Monitoring System Performance	193
Error Messages	195
Glossary	259
A	260
B	262
C	264
D	268
E	270
F	272
G	276
H	277
I	279
K	282
L	282
M	284
N	286
O	288
P	289
R	292
S	293
T	298
U	299
V	301
W	301
X	302
Z	302
Index	305
Symbols	305
A	305
B	305
C	305
D	306
E	306
F	307
G	307
H	307
I	307
K	308
L	308
M	308
N	308
O	308
P	309
R	309
S	310
T	310
U	311
V	311
W	311

Match case Limit results 1 per page

Configuring Zoning

4-5

Understanding Zoning

Controlling Access

at the Switch

A port binding feature is available on switches and directors that

allows you to “bind” a specific switch or director port to the world

wide name (WWN) of an attached device for exclusive

communication. This Port Binding feature is available through the

the

Port Binding

command, under the

Security

menu (see

Configuring

Port Binding

on page 5-33).

Controlling Access

at the Server or

Storage Device

Features available at the server or storage device can add methods

beyond zoning to increase network security measures, differentiate

between operating systems, and prevent data loss or corruption by

controlling access between devices or between separate user groups

(such as engineering or human resources).

Server-level access control is called persistent binding. Persistent

binding uses configuration information stored on the server and is

implemented through the server’s host bus adapter (HBA) driver.

The process binds a server device name to a specific Fibre Channel

storage volume or logical unit number (LUN), through a specific

HBA and storage port WWN. In essence, this feature creates a reliable

route across the fabric that sustains the small computer system

interface (SCSI) connection between a server and storage device.

For persistent binding:

•

Each server HBA is explicitly bound to a storage volume or LUN,

and access is explicitly authorized (access is blocked by default).

•

The process is compatible with open system interconnection (OSI)

standards. The following are supported:

—

Different operating systems and applications.

—

Different storage volume managers and file systems.

—

Different fabric devices, including disk drives, tape drives,

and tape libraries.

•

If the server is rebooted, the server-to-storage connection is

automatically re-established.

•

The connection is bound to a storage port WWN. If the fiber-optic

cable is disconnected from the storage port, the server-to-storage

connection is automatically re-established when the port cable is

reconnected. The connection is also automatically re-established

if the storage port is cabled through a different managed product

port.