Home » HP Manuals » Storage Devices » HP StorageWorks 1606 » Manual Viewer

HP StorageWorks 1606 Brocade Fabric Watch Administrator's Guide v6.3.0 (53-100 - Page 41

Security class areas, Areas

View all HP StorageWorks 1606 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 41 highlights

Areas 3 Security class areas Table 8 lists Fabric Watch areas in the security class and describes what each area indicates. TABLE 8 Security class areas Area Indicates API Violations DCC Violations Front Panel Violations HTTP Violations Illegal Command Incompatible Security DB An API access request reaches a secure switch from an unauthorized IP address. An unauthorized device attempts to log in to a secure fabric. A secure switch detects unauthorized front panel access. A browser access request reaches a secure switch from an unauthorized IP address. Commands permitted only to the primary Fibre Channel Switch (FCS) are executed on another switch. Secure switches with different version stamps have been detected. Invalid Certificates Invalid certificates which represent an attempted security breach. Invalid Signatures Invalid signatures which occur when a switch cannot verify the signature of a packet. and rejects the packet. Invalid Timestamps Login Violations MS Violations No-FCS RSNMP Violations SCC Violations Invalid timestamps which occur if a time interval becomes too great from the time a packet is sent to the time it is received, and the switch rejects it. Login violations which occur when a secure fabric detects a login failure. MS (Management Server) violations which occur when an access request reaches a secure switch from an unauthorized WWN (World Wide Name). The WWN appears in the ERRLOG. The switch has lost contact with the primary FCS. RSNMP (Remote Simple Network Management Protocol) violations which occur when an SNMP get operation reaches a secure switch from an unauthorized IP address. SCC violations which occur when an unauthorized switch tries to join a secure fabric. The WWN of the unauthorized switch appears in the ERRLOG. Serial Violations Serial violations which occur when a secure switch detects an unauthorized serial port connection request. SES Violations SLAP Bad Packets SLAP Failures Telnet Violations TS Out of Sync WSNMP Violations SCSI Enclosed Services (SES) violations which occur when an SES request reaches a secure switch from an unauthorized WWN. Switch Link Authentication Protocol (SLAP) bad packets failure which occur when the switch receives unexpected packets and packets with incorrect transmission IDs. SLAP failures which occur when packets try to pass from a nonsecure switch to a secure fabric. Telnet violations which occur when a Telnet connection request reaches a secure switch from an unauthorized IP address. Time Server (TS) which occur when an out-of-synchronization error has been detected. WSNMP violations which occur when an SNMP set operation reaches a secure switch from an unauthorized IP address. Fabric Watch Administrator's Guide 17 53-1001342-01

Section	Page
About This Document	17
In this chapter	17
How this document is organized	17
Supported hardware and software	18
What’s new in this document	19
New information	19
Changed information	19
Removed information	19
Document conventions	20
Text Formatting	20
Notes, cautions, and warnings	20
Key terms	21
Additional information	21
Brocade resources	21
Other industry resources	21
Getting technical help	22
Document feedback	23
About Fabric Watch	25
In this chapter	25
Fabric health concepts	25
Fabric Watch overview	26
Fabric Watch alarm notifications	27
Fabric Watch event notifications	27
Fabric Watch audit messages	28
Data values	28
Switch policies	29
Virtual Fabric support	29
Port persistence	29
Port fencing	30
Fabric Watch Best Practices	31
In this chapter	31
Fabric Watch default settings	31
Reasons to customize Fabric Watch settings	31
Configuration decisions	32
Monitoring	32
Thresholds	33
Events	33
Alerts	33
Post-processing of messages	34
Fabric Watch components	35
In this chapter	35
Fabric Watch classes, areas, and elements	35
Classes	35
Areas	37
Environment class areas	37
Fabric class areas	37
FRU class areas	38
Performance Monitor class areas	39
Port class areas	39
Resource class area	40
Security class areas	41
SFP class areas	42
Elements	42
Fabric Watch threshold concepts	43
In this chapter	43
Threshold values	43
High and low thresholds	43
Buffer values	43
Time bases	45
Time base set to none	45
Time base set to other than none	45
Threshold event settings	47
Above event trigger	47
Below event trigger	48
Changed event trigger	48
In-between event triggers	49
Fabric Watch alarm behavior	49
Fabric Watch activation	51
In this chapter	51
Interfaces for activating Fabric Watch	51
Activating Fabric Watch using a Telnet session	51
Activating Fabric Watch using Web Tools	52
Activating Fabric Watch using SNMP	53
Fabric Watch basic configurations	57
In this chapter	57
Fabric Watch configuration	57
Configuration files	58
Configuring Fabric Watch with the configuration file	58
Configuring Fabric Watch using a pre-designed configuration template	58
Setting the port persistence time	59
Threshold configuration	59
Setting port thresholds using the fwConfigure command	59
Port threshold configuration using the portThConfig command	62
Refreshing a threshold configuration	67
Disabling a threshold configuration	67
Enabling a threshold	68
Enabling and disabling all port thresholds	69
Changing the threshold boundary level	69
Event configuration	73
Event behavior types	73
Fabric Watch notification	74
Error log entry (switch event)	74
SNMP notification	74
API notification configuration	75
RAPI trap	75
Port log lock	75
E-mail alert	75
Alarm notification configuration	76
Notification value configuration	77
Changing the numerical values of notification types	77
E-mail notification configuration	79
Port fencing	85
In this chapter	85
Configuring port fencing using the fwConfigure command	85
Configuring port fencing using the portFencing command	89
Area types	89
Advanced configuration	91
In this chapter	91
Configuring advanced options	91
Advanced configuration options	93
Fabric Watch Reports	95
In this chapter	95
Fabric Watch reports	95
Switch Availability Monitor (SAM) report	96
Generating a Switch Availability Monitor report	96
Switch Health report	97
Generating a Switch Health report	97
Switch Status Policy report	98
Generating a Switch Status Policy report	98
Port Detail report	99
Generating a Port Detail report	99
Switch and FRU configuration	101
In this chapter	101
Switch status policy planning	101
Implementing your switch status policy	102
Viewing your switch status policy	102
FRU configuration	103
System monitoring	105
In this chapter	105
System monitoring using the sysMonitor command	105
Configuring system monitoring	105
sysMonitor command examples	107
Fabric Watch commands	109
In this appendix	109
In this appendix	111
Fabric Watch default settings	111
Class default settings	111
Environment class default settings	112
Fabric class default settings	114
Performance Monitor class default settings	115
Port class default settings	116
E_Port class default settings	118
FOP_Port class default settings	120
VE_Port class default settings	121
Resource class default settings	122
Security class default settings	122
SFP class default settings	125
In this appendix	127
portThConfig command shortcuts	127
Port Type: Port	128
Area Type: CRC	128
Area Type: ITW	128
Area Type: C3TX_TO	128
Area Type: LinkReset	128
Area Type: Protocol Error	128
Area Type: LOS	129
Area Type: LinkFailure	129
Area Type: RX	129
Area Type: TX	129
Area Type: Statechange	129
Area Type: Trunk Utilization	129
Port Type: E_Port	130
Area Type: CRC	130
Area Type: ITW	130
Area Type: C3TX_TO	130
Area Type: LinkReset	130
Area Type: Protocol Error	130
Area Type: LOS	131
Area Type: LinkFailure	131
Area Type: RX	131
Area Type: TX	131
Area Type: Statechange	131
Area Type: Trunk Utilization	131
Port Type: FOP_Port	132
Area Type: CRC	132
Area Type: ITW	132
Area Type: C3TX_TO	132
Area Type: LinkReset	132
Area Type: Protocol Error	132
Area Type: LOS	132
Area Type: LinkFailure	133
Area Type: RX	133
Area Type: TX	133
Area Type: Statechange	133
Area Type: Trunk Utilization	133
Port fencing types	135

Match case Limit results 1 per page

Fabric Watch Administrator’s Guide

53-1001342-01

Areas

Security class areas

Table 8

lists Fabric Watch areas in the security class and describes what each area indicates.

TABLE 8

Security class areas

Area

Indicates

API Violations

An API access request reaches a secure switch from an unauthorized IP address.

DCC Violations

An unauthorized device attempts to log in to a secure fabric.

Front Panel Violations

A secure switch detects unauthorized front panel access.

HTTP Violations

A browser access request reaches a secure switch from an unauthorized IP address.

Illegal Command

Commands permitted only to the primary Fibre Channel Switch (FCS) are executed on

another switch.

Incompatible Security

Secure switches with different version stamps have been detected.

Invalid Certificates

Invalid certificates which represent an attempted security breach.

Invalid Signatures

Invalid signatures which occur when a switch cannot verify the signature of a packet.

and rejects the packet.

Invalid Timestamps

Invalid timestamps which occur if a time interval becomes too great from the time a

packet is sent to the time it is received, and the switch rejects it.

MS Violations

MS (Management Server) violations which occur when an access request reaches a

secure switch from an unauthorized WWN (World Wide Name). The WWN appears in

the ERRLOG.

No-FCS

The switch has lost contact with the primary FCS.

RSNMP Violations

RSNMP (Remote Simple Network Management Protocol) violations which occur when

an SNMP

get

operation reaches a secure switch from an unauthorized IP address.

SCC Violations

SCC violations which occur when an unauthorized switch tries to join a secure fabric.

The WWN of the unauthorized switch appears in the ERRLOG.

Serial Violations

Serial violations which occur when a secure switch detects an unauthorized serial port

connection request.

SES Violations

SCSI Enclosed Services (SES) violations which occur when an SES request reaches a

secure switch from an unauthorized WWN.

SLAP Bad Packets

Switch Link Authentication Protocol (SLAP) bad packets failure which occur when the

switch receives unexpected packets and packets with incorrect transmission IDs.

SLAP Failures

SLAP failures which occur when packets try to pass from a nonsecure switch to a

secure fabric.

Telnet Violations

Telnet violations which occur when a Telnet connection request reaches a secure

switch from an unauthorized IP address.

TS Out of Sync

Time Server (TS) which occur when an out-of-synchronization error has been detected.

WSNMP Violations

WSNMP violations which occur when an SNMP

set

operation reaches a secure switch

from an unauthorized IP address.