Home » HP Manuals » Storage Devices » HP 8/20q » Manual Viewer

HP 8/20q HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabr - Page 73

Creating a security group member

Add to My Manuals
Save this manual to your list of manuals

Page 73 highlights

5. Select a security group type from the Security Group Type drop-down menu. A security set is limited to one group of each type. • ISL for secure connections to other switches • Port for secure connections to devices • MS for secure connections to devices that issue management server commands. 6. Click OK to save the change. 7. Click Apply to display the Save Security dialog box. 8. Click Save Security to apply changes to switch. 9. In the Security Set Activation dialog box, click Yes to save and activate the security set, or click No to save the security set without activation. 10. Click Close to close the Save Security dialog box. IMPORTANT: Activating a security set with an empty security group prevents all connections for that security group type. For example, an empty ISL security group causes the switch to reject all logins from other switches. Creating a security group member To create a group member and add it to a security group: 1. Select the entry switch in the fabric tree. 2. Click Security on the toolbar, or select Security > Edit Security to open the Edit Security dialog box (Figure 31). 3. Choose one of the following methods to open the Create a Security Group Member dialog box (Figure 37): • In the graphic window, select a security group, and click Security Member in the toolbar. • Right-click on a security group, and select Create Members from the popup menu. • In the graphic window, select a security group, and select Edit > Create Members. Figure 37 Create a Security Group Member dialog box 4. Open the Group Member drop-down list, and select a node World Wide Name. The switch must be a member of any group in which authentication is used. You can type a 16-character hex World Wide Name, or a 23-character WWN with the format xx:xx:xx:xx:xx:xx:xx:xx. 5. Open the Authentication drop-down list, and select the authentication protocol for that member: None (zero bytes) or Chap (16 bytes). 6. If the authentication protocol is Chap, choose a primary hash algorithm and type a primary secret. You can also click Generate to create a random primary secret. Re-type the primary secret in the Confirm Primary field. 7. If the authentication protocol is Chap, choose a secondary hash algorithm and type a secondary secret. If the primary hash is not supported on the initiator, the secondary hash and secret are used. HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide 73

Section	Page
Contents	3
Using Enterprise Fabric Management Suite	11
Installing Enterprise Fabric Management Suite	11
Table 1 Workstation requirements	11
Figure 1 Enterprise Fabric Management Suite installation	11
Starting Enterprise Fabric Management Suite	12
Figure 2 Initial Start dialog box	12
Figure 3 Add a New Fabric dialog box	13
Exiting Enterprise Fabric Management Suite	13
Figure 4 Save Default Fabric View File dialog box	13
Figure 5 Load Default Fabric View File dialog box	14
Uninstalling Enterprise Fabric Management Suite	14
Changing the encryption key for the default fabric view file	14
Saving and opening fabric view files	15
Setting Enterprise Fabric Management Suite preferences	15
Figure 6 Preferences dialog box—Enterprise Fabric Management Suite	15
Using online help	16
Viewing software version and copyright information	16
Enterprise Fabric Management Suite user interface	17
Figure 7 Topology display elements	17
Figure 8 SN6000 Fibre Channel Switch faceplate display	17
Figure 9 SN6000 Fibre Channel Switch backplate display	18
Fabric tree	18
Figure 10 Fabric tree	18
Graphic window	19
Data windows and tabs	19
Alerts panel	20
Figure 11 Alerts panel	20
Menu bars	21
Topology display menu	21
Table 2 Topology menu bar options	21
Faceplate display menu	22
Table 3 Faceplate menu bar options	22
Popup menus	25
Menu Shortcut keys	25
Tool bar	26
Table 4 Tool bar options	26
Working with switches and links	26
Working with ports	27
Managing Fabrics	29
Fabric firmware and software versions	29
Saving a version snapshot	29
Viewing and comparing version snapshots	29
Figure 12 Fabric Version Snapshot Analysis dialog box	29
Exporting version snapshots to a file	30
Managing the fabric database	30
Adding a fabric	30
Figure 13 Add a New Fabric dialog box	30
Removing a fabric	31
Opening a fabric view file	31
Saving a fabric view file	31
Rediscovering a fabric	31
Deleting switches and links	32
Adding a new switch to a fabric	32
Replacing a failed switch	32
Displaying fabric information	33
Link data window	33
Figure 14 Link data window	33
Displaying fabric status	34
Table 5 Topology display switch and status icons	34
Event browser	34
Figure 15 Event browser dialog box	35
Table 6 Port operational states	35
Filtering the event browser	36
Figure 16 Filter Events dialog box	36
Sorting the Event Browser	36
Saving the Event Browser to a file	36
Verifying Fibre Channel connections	36
FC Ping dialog box	37
Figure 17 FC Ping dialog box	37
FC Traceroute dialog box	38
Figure 18 FC TraceRoute dialog box	38
Device information and nicknames	38
Devices data window	39
Figure 19 Devices data window	39
Table 7 Devices data window fields	39
Figure 20 Detailed Devices Display window	40
Managing device port nicknames	40
Creating a nickname	40
Editing a nickname	41
Deleting a nickname	41
Exporting nicknames to a file	41
Importing a nicknames file	41
Fabric services	41
Enabling SNMP configuration	42
Enabling in-band management	42
Transparent router	42
Viewing inter-fabric routes	43
Transparent Routes data window	44
Figure 21 Transparent Routes data window	44
Table 8 Transparent Routes data window fields	44
Figure 22 Transparent Route dialog box	45
TR Mapping Manager dialog box	45
Figure 23 TR Mapping Manager dialog box	45
Adding an inter-fabric route	46
Figure 24 Add TR Mapping dialog box	46
Removing an inter-fabric route	47
Creating a zoning commands text file	47
Figure 25 Remote Fabric Zoning dialog box	47
Managing Fabric Zoning	49
Zoning concepts	49
Zones	49
Aliases	49
Zone sets	49
Zoning database	50
Using the Zoning Wizard	50
Managing the zoning database	50
Viewing zoning limits and properties	50
Viewing active and configured zone set information	51
Figure 26 Active Zoneset data window	51
Figure 27 Configured Zoneset data window	52
Editing the zoning database	52
Figure 28 Edit Zoning dialog box	52
Table 9 Edit Zoning dialog box tool bar	53
Table 10 Port/device icons	54
Configuring the zoning database	54
Figure 29 Zoning Config dialog box	54
Merge Auto Save	54
Default Zone	55
Discard Inactive	55
Saving and restoring the zoning database to a file	55
Saving the zoning database to a file	55
Restoring the zoning database from a file	55
Restoring the default zoning database	55
Removing all zone and zone set definitions	56
Merging fabrics and zoning	56
Zone merge failure	56
Zone merge failure recovery	56
Resolving active, configured, and merged zone sets	57
Managing zone sets	57
Creating a zone set	57
Activating and deactivating a zone set	58
Renaming a zone set	58
Removing a zone set	59
Managing zones	59
Creating a zone in a zone set	59
Copying a zone to a zone set	60
Adding zone members	60
Renaming a zone	61
Removing a zone member	62
Removing a zone from a zone set	62
Removing a zone from all zone sets	62
Managing aliases	63
Creating an alias	63
Adding a member to an alias	63
Removing an alias from all zones	64
Managing Fabric Security	65
Connection security	65
User account security	65
Port security	66
Figure 30 Port Binding dialog box	66
Device security	66
Figure 31 Edit Security dialog box	67
Managing the security database	67
Viewing the device security database	68
Figure 32 Configured Security data window	68
Figure 33 Active Security data window	68
Configuring the security data base	69
Figure 34 Security Config dialog box	69
Saving the security database to a file	69
Restoring the security database from a file	70
Resetting the security database	70
Managing security sets	70
Creating a security set	70
Figure 35 Create a Security Set dialog box	70
Removing a security set	71
Renaming a security set	71
Adding an existing group to a security set	71
Removing a group from a security set	71
Removing a group from all security sets	72
Activating a security set	72
Deactivating a security set	72
Managing security groups and members	72
Creating a security group	72
Figure 36 Create a Security Group dialog box	72
Creating a security group member	73
Figure 37 Create a Security Group Member dialog box	73
Modifying a security group member	74
Removing a member from a group	74
Using RADIUS servers	74
Adding a RADIUS server	75
Figure 38 Radius Server Information dialog box—Add server	75
Removing a RADIUS server	76
Figure 39 Radius Server Information dialog box—Remove server	76
Editing RADIUS server information	77
Figure 40 Radius Server Information dialog box—Edit server	77
Modifying authentication order RADIUS server information	78
Figure 41 Radius Server Information dialog box—Modify authentication order	78
Managing Switches	79
Managing user accounts	79
Creating user accounts	80
Figure 42 User Account Administration dialog box—Add account	80
Removing a user account	80
Figure 43 User Account Administration dialog box—Remove account	81
Changing a user account password	81
Figure 44 User Account Administration dialog box—Change password	82
Modifying a user account	82
Figure 45 User Account Administration dialog box—Modify account	83
Viewing switch information	83
Switch data window	84
Figure 46 Switch data window	84
Figure 47 Switch data window buttons	84
Table 11 Switch data window fields	84
Stack Links data window	89
Figure 48 Stack Links data window	89
Table 12 Stack Links data window	89
Configuring port threshold alarms	90
Figure 49 Port Threshold Alarm Configuration dialog box	90
Figure 50 Port threshold alarm example	91
Paging a switch	91
Setting the date/time and enabling NTP client	91
Figure 51 Date/Time dialog box	92
Resetting a switch	93
Table 13 Switch resets	93
Configuring a switch	93
Using the configuration wizard	93
Switch properties	93
Figure 52 Switch Properties dialog box	94
Domain ID and Domain ID lock	94
Syslog	94
Symbolic name	95
Switch administrative states	95
Broadcast support	95
In-band management	95
Fabric device management interface	95
Advanced switch properties (timeout values)	96
Figure 53 Advanced Switch Properties dialog box	96
Managing system services	97
Figure 54 System Services dialog box	97
Managing switch stacks	98
Configuring switches in a stack	98
Security consistency checklist	99
Figure 55 Security Consistency Checklist dialog box	99
Configuring the network	99
Figure 56 Network Properties dialog boxes	100
Network IP configuration	100
Table 14 Network Properties dialog box—IP fields	101
Network DNS configuration	102
Table 15 Network Properties dialog box—DNS fields	102
Network IP Security	103
Figure 57 IPsec Configuration dialog box	103
Table 16 IPsec Configuration dialog box buttons	103
Security policies	104
Figure 58 Create IP Security Policy dialog box	104
Table 17 Create IP Security Policy dialog box fields	104
Security associations	106
Figure 59 Create IP Security Association dialog box	106
Table 18 Create IP Security Association dialog box fields	106
Configuring SNMP	107
SNMP configuration and trap configuration parameters	107
Figure 60 SNMP Properties dialog box	108
Table 19 SNMP Properties dialog box fields	108
SNMP v3 security	109
Figure 61 SNMP v3 Manager dialog box	109
Adding an SNMP v3 user	110
Figure 62 SNMP v3 User Editor dialog box	110
Table 20 SNMP v3 User Editor dialog box fields	110
Modifying an SNMP v3 user	111
Removing an SNMP v3 user	111
Configuring Call Home	111
Figure 63 Call Home Setup dialog box	111
Table 21 Call Home Setup dialog box fields	112
Using the Call Home profile manager	113
Figure 64 Call Home Profile Manager dialog box	113
Creating a profile	114
Figure 65 Call Home Profile Editor dialog box	114
Table 22 Call Home Editor dialog box fields	114
Editing a profile	115
Copying a profile	115
Applying all profiles on a switch to other switches	116
Figure 66 Call Home Profile Multiple Switch Apply dialog box	116
Using the Call Home message queue	117
Figure 67 Call Home Message Queue dialog box	117
Testing Call Home profiles	117
Figure 68 Call Home Test Profile dialog box	117
Changing SMTP servers	117
Figure 69 Call Home Change Over dialog box	117
Testing a switch	118
Figure 70 Switch Diagnostics dialog box	118
Archiving a switch	119
Restoring a switch	120
Figure 71 Restore dialog boxes—full and selective	120
Restoring the factory default configuration	121
Table 23 Factory default configuration settings	121
Installing feature license keys	122
Figure 72 Feature Licenses dialog box	123
Figure 73 Add License Key dialog box	123
Downloading a support file	123
Figure 74 Download Support File dialog box	123
Installing firmware	124
Figure 75 Load Firmware dialog box for a single switch	125
Figure 76 Load Firmware dialog box for a stack	125
Managing Ports	127
Viewing port information	127
Port Information data window	127
Figure 77 Port Information data window	127
Table 24 Port Information data window buttons	127
Table 25 Port Information data window—Summary	128
Table 26 Port Information data window—Advanced	129
Table 27 Port Information data window—Extended Credits	129
Table 28 Port Information data window—Media	129
Table 29 Port Information data window—Digital Diagnostics Monitoring	130
Figure 78 Detailed Media Display dialog box	130
Port Statistics data window	131
Figure 79 Port Statistics data window	131
Table 30 Port Statistics data window fields	131
Configuring ports	134
Figure 80 Port Properties dialog box	134
Table 31 Port Properties dialog box fields	134
Port symbolic name	135
Port types	135
Table 32 Port types	135
Port states	136
Table 33 Port operational states	136
Table 34 Port administrative states	137
Port speeds	137
Table 35 Port speeds	137
Port media status	138
Table 36 Port media status	138
I/O StreamGuard	138
Device Scan	138
Auto Performance Tuning and AL Fairness	139
Figure 81 Advanced Port Properties dialog box	139
Using the Extended Credits wizard	139
Table 37 Extended Credits—Minimum Cable Lengths	140
Figure 82 Extended Credit Wizard dialog box	140
Moving a licensed port	141
Figure 83 Move Port License dialog box	141
Resetting a port	141
Testing ports	141
Figure 84 Port Diagnostics dialog box	142
Graphing port performance	143
Figure 85 EFMS Performance View graph	143
Starting EFMS Performance View	143
Exiting EFMS Performance View	143
Figure 86 Save Default Fabric View File dialog box—EFMS Performance View	144
Figure 87 Load Default Fabric View File dialog box—EFMS Performance View	144
Saving and opening Fabric View files	144
Changing the default Fabric View file encryption key for EFMS Performance View	144
Setting EFMS Performance View preferences	145
Figure 88 Preferences dialog box—EFMS Performance View	145
Setting the polling frequency	145
Figure 89 Set Graph Polling Frequency dialog box	145
Displaying Graphs	146
Arranging graphs in the display	146
Customizing graphs	147
Figure 90 Default Graph Options dialog box	147
Setting global graph type	148
Rescaling a selected graph	148
Printing graphs	148
Saving graph statistics to a file	148
Support and Other Resources	149
Document conventions and symbols	149
Table 38 Document conventions	149
JDOM license	149
Contacting HP	150
HP contact information	150
Subscription service	150
Documentation feedback	150
Related information	150
Documents	150
Other HP websites	151
Glossary	153
Index	157
A	157
B	157
C	157
D	157
E	157
F	157
G	158
H	158
I	158
L	158
M	158
N	158
O	158
P	158
R	159
S	159
T	159
U	159
V	159
W	159
X	160

Match case Limit results 1 per page

HP StorageWorks 8/20q and SN6000 Fibre Channel Switch Enterprise Fabric Management Suite User Guide

Select a security group type from the Security Group Type drop-down menu. A security set is limited to

one group of each type.

•

ISL for secure connections to other switches

•

Port for secure connections to devices

•

MS for secure connections to devices that issue management server commands.

Click

to save the change.

Click

Apply

to display the Save Security dialog box.

Click

Save Security

to apply changes to switch.

In the Security Set Activation dialog box, click

Yes

to save and activate the security set, or click

save the security set without activation.

10.

Click

to close the Save Security dialog box.

IMPORTANT:

Activating a security set with an empty security group prevents all connections for that

security group type. For example, an empty ISL security group causes the switch to reject all logins from

other switches.

Creating a security group member

To create a group member and add it to a security group:

Select the entry switch in the fabric tree.

Click

Security

on the toolbar, or select

Security > Edit Security

to open the Edit Security dialog box

(

Figure 31

Choose one of the following methods to open the Create a Security Group Member dialog box

(

Figure 37

•

In the graphic window, select a security group, and click

Security Member

in the toolbar.

•

Right-click on a security group, and select

Create Members

from the popup menu.

•

In the graphic window, select a security group, and select

Edit > Create Members

Figure 37

Create a Security Group Member dialog box

Open the Group Member drop-down list, and select a node World Wide Name. The switch must be a

member of any group in which authentication is used. You can type a 16-character hex World Wide

Name, or a 23-character WWN with the format

xx:xx:xx:xx:xx:xx:xx:xx

Open the Authentication drop-down list, and select the authentication protocol for that member: None

(zero bytes) or Chap (16 bytes).

If the authentication protocol is Chap, choose a primary hash algorithm and type a primary secret. You

can also click

Generate

to create a random primary secret. Re-type the primary secret in the Confirm

Primary field.

If the authentication protocol is Chap, choose a secondary hash algorithm and type a secondary

secret. If the primary hash is not supported on the initiator, the secondary hash and secret are used.