HP 8/20q HP StorageWorks 8/20q Fibre Channel Switch installation and reference - Page 23

8/20q Fibre Channel Switch installation and reference guide

23

•

Secure Socket Layer (SSL)

: Provides for secure SSL connections for the QuickTools web applet and

SMI-S. This service must be enabled to authenticate users through a Remote Authenticaton Dial-in

Service (RADIUS) server. To enable secure SSL connections, you must first synchronize the date and time

on the switch and the workstation. Enabling SSL automatically creates a security certificate on the

switch. The default is disabled.

NOTE:

Simple SAN Connection Manager version 1.0 does not support the SSL service. If SSL is

enabled, you will be unable to manage the switch using this version of Simple SAN Connection

Manager.

•

QuickTools web applet (EmbeddedGUI

)

: Provides for access to the QuickTools web applet. QuickTools

enables you to point at a switch with an internet browser and manage the switch through the browser.

The default is enabled.

•

Simple Network Management Protocol (SNMP)

: Provides for the management of the switch through

third-party applications that use the Simple Network Management Protocol (SNMP). Security consists

of a read community string and a write community string that serve as passwords that control read and

write access to the switch. These strings are set at the factory to these well-known defaults and should

be changed if SNMP is to be enabled. Otherwise, you risk unwanted access to the switch. The default

is enabled.

•

Common Information Model (CIM)

: Provides for the management of the switch through third-party

applications that use the Storage Management Initiative–Specification (SMI-S). The default is enabled.

•

File Transfer Protocol (FTP)

: Provides for transferring files rapidly between the workstation and the switch

using FTP. The default is enabled.

•

Management Server (MS)

: Enables or disables the management of the switch through third-party

applications that use FC-GS-3 Management Server. The default is disabled.

•

Call Home:

IMPORTANT:

The Call Home service provides an e-mail notification capability for the switch. This

service has no relationship with the HP Call Home feature, which notifies only HP services.

Provides for automated e-mail notification of switch status and operating conditions based on specified

event severity levels. The default is enabled. The Call Home service requires an Ethernet connection to

at least one Simple Mail Transfer Protocol (SMTP) server. You must configure the Call Home service to

do the following:

•

Enable primary and secondary SMTP servers and specify their IP addresses

•

Specify contact information

Configure one or more Call Home profiles to specify e-mail recipients, message format, and the event

severity level that will initiate a message.

Fabric security

An effective security profile begins with a security policy that states the requirements. A threat analysis is

needed to define the plan of action, followed by an implementation that meets the security policy

requirements. Internet portals, such as remote access and E-mail, usually present the greatest threats. Fabric

security should also be considered in defining the security policy.

Most fabrics are located at a single site and are protected by physical security, such as key-code locked

computer rooms. For these cases, security methods, such as user passwords for equipment and zoning for

controlling device access, are satisfactory.

Fabric security is needed when security policy requirements are more demanding; for example, when

fabrics span multiple locations and traditional physical protection is insufficient to protect the IT

infrastructure. Another benefit of fabric security is that it creates a structure that helps prevent unintended

changes to the fabric.

Section	Page
Contents	3
About this guide	7
Intended audience	7
Related documentation	7
Document conventions and symbols	8
Table 1 Document conventions	8
Rack stability	9
HP technical support	9
Customer self repair	9
Product warranties	9
Subscription service	9
HP web sites	10
Documentation feedback	10
General description	11
Figure 1 8/20q Fibre Channel Switch	11
Switch LEDs and controls	12
Figure 2 Switch LEDs and controls	12
Input power LED (green)	12
Heartbeat LED (green)	12
System fault LED (amber)	12
Maintenance button	13
Resetting a switch	13
Placing the switch in maintenance mode	13
Fibre Channel ports	14
Figure 3 Fibre Channel ports	14
Port LEDs	14
Figure 4 Port LEDs	14
Port Logged-in LED (green)	14
Port Activity LED (green)	14
Transceivers	15
Port types	15
Ethernet port	15
Figure 5 Ethernet port	15
Serial port	16
Figure 6 Serial port and pin identification	16
Table 2 Serial port pin identification	16
Power supply and fans	16
Switch management	17
QuickTools web applet	17
Simple SAN Connection Manager	17
Command line interface	17
Simple Network Management Protocol	17
Storage Management Initiative-Specification (SMI-S)	17
File transfer protocols	17
Planning	19
Devices	19
Device access	19
Table 3 Zoning database limits	20
Performance	20
Distance	20
Bandwidth	20
Latency	21
Table 4 Port-to-port latency	21
Feature licenses	21
Multiple switch fabrics	21
Optimizing device performance	21
Domain ID, principal priority, and domain ID lock	22
Common topologies	22
Switch services	22
Fabric security	23
Connection security	24
User account security	24
Port binding	25
Device security	25
Fabric management	26
Installation	27
Site requirements	27
Management Station and Workstation requirements	27
Table 5 Management station requirements for Simple SAN Connection Manager	27
Table 6 Workstation requirements for QuickTools	28
Switch power requirements	28
Environmental conditions	28
Installing a switch	28
Mount the switch	29
Before you begin	29
Collect the required items	30
Verify the kit contents	30
Table 7 8/20q Fibre Channel Switch rack mount kit hardware	30
Rack the switch	31
Figure 7 Attaching the rails to the switch	31
Figure 8 Installing the rear mounting brackets	31
Figure 9 Installing the switch and rail assembly	31
Figure 10 Fastening the rail to the front of the rack	32
Figure 11 Fastening the rail to the rear mounting bracket	32
Figure 12 Installing the filler panel	32
Install the transceivers	33
Configure the workstation	33
Configuring the workstation IP address for Ethernet connections	33
Configuring the workstation serial port	33
Apply power to the switch	34
Connect the management station or workstation to the switch	35
Figure 13 Management station and workstation cable connections	35
Configure the switch	35
Simple SAN Connection Manager switch configuration	35
QuickTools switch configuration	35
CLI switch configuration	36
Cable devices to the switch	36
Installing firmware	36
Using QuickTools to install firmware	37
Using the CLI to install firmware	37
One-step firmware installation	38
Custom firmware installation	39
Adding a switch to an existing fabric	39
Installing feature license keys	40
Diagnostics and troubleshooting	41
Switch diagnostics	41
Figure 14 Switch LEDs	41
Input power LED is extinguished	41
System fault LED is illuminated	42
Power-On self test diagnostics	42
Heartbeat LED blink patterns	42
Internal firmware failure blink pattern	42
Fatal POST error blink pattern	43
Configuration file system error blink pattern	43
Over-temperature blink pattern	43
Logged-in LED indications	44
Figure 15 Logged-in LED	44
E_Port isolation	44
Excessive port errors	45
Recovering a switch using maintenance mode	46
Exiting the maintenance menu (option 0)	47
Unpacking a firmware image file in maintenance mode (option 1)	47
Resetting the network configuration in maintenance mode (option 2)	47
Resetting user accounts in maintenance mode (option 3)	47
Copying log files in maintenance mode (option 4)	48
Removing the switch configuration in maintenance mode (option 5)	48
Remaking the file system in maintenance mode (option 6)	48
Resetting the switch in maintenance mode (option 7)	48
Updating the boot loader in maintenance mode (option 8)	48
Regulatory compliance and safety	49
Regulatory compliance	49
Federal Communications Commission notice for Class A equipment	49
Cables	49
Laser device	49
Laser safety warning	49
Certification and classification information	50
Laser product label	50
Figure 16 Class 1 laser product label	50
International notices and statements	50
Canadian notice (avis Canadien)	50
European Union regulatory notice	51
Japanese notice	51
Korean notice	51
Taiwan notice	51
Electrostatic discharge	53
How to prevent electrostatic discharge	53
Grounding methods	53
Technical specifications	55
General specifications	55
Table 8 General specifications	55
Maintainability features	56
Table 9 Maintainability features	56
Fabric management specifications	57
Table 10 Fabric management specifications	57
Weight and physical dimensions	57
Table 11 Switch physical dimensions	57
Electrical specifications	57
Table 12 Electrical specifications	57
Environmental requirements	58
Table 13 Environmental requirements	58
Factory configuration defaults	59
Factory switch configuration	59
Table 14 Switch configuration defaults	59
Factory port configuration	60
Table 15 Port configuration defaults	60
Factory port threshold alarm configuration	61
Table 16 Port threshold alarm configuration defaults	61
Factory zoning configuration	61
Table 17 Zoning configuration defaults	61
Factory SNMP configuration	62
Table 18 SNMP configuration defaults	62
Factory switch services configuration	62
Table 19 Services configuration defaults	62
Factory system configuration	63
Table 20 System configuration defaults	63
Factory RADIUS configuration	63
Table 21 RADIUS configuration defaults	63
Factory security configuration	64
Table 22 Security configuration defaults	64
Factory Call Home configuration	64
Table 23 Call Home service configuration defaults	64
Glossary	65
Index	69
Numerics	69
A	69
B	69
C	69
D	69
E	69
F	69
G	70
H	70
I	70
L	70
M	70
N	70
O	70
P	70
Q	70
R	71
S	71
T	71
U	71
V	71
W	71

HP 8/20q HP StorageWorks 8/20q Fibre Channel Switch installation and reference - Page 23

Fabric security

Page 23 highlights