HP StorageWorks 2/16V Brocade Fabric OS Command Reference Manual (53-1000240-0 - Page 609

Note: Enter commands in lowercase only; mixed case is for readability. secPolicyCreate 2 secPolicyCreate Creates a new security policy. Synopsis secpolicycreate "name"[, "member[;member...]"] Description Use this command to create a new policy. All policies can be created only once, except for the DCC_POLICY_nnn. Each DCC_POLICY_nnn must each have a unique name. Adding members while creating a policy is optional. You can add members to a policy later, using the secPolicyAdd command. Each policy corresponds to a management method. The list of members of a policy acts as an access control list for that management method. When security is first enabled using the secModeEnable command, only the FCS_POLICY exists. Before a policy is created, there is no enforcement for that management method; that is, all access is granted. After a policy has been created and a member has been added to the policy, that policy becomes closed to all access except from included members. If all members are then deleted from the policy, all access is denied for that management access method. Note The FCS_POLICY can only be created when enabling secure mode using the secModeEnable command. If a TELNET_POLICY or SERIAL_POLICY is created, that ends the current sectelnet or serial session and a warning is issued. Note When secure mode is enabled, this command can be issued only from the primary FCS switch. Operands This command has the following operands: "name" Specify the name of a policy you want to create. Valid values for this operand are: • DCC_POLICY_nnn • TELNET_POLICY • HTTP_POLICY • API_POLICY • RSNMP_POLICY • WSNMP_POLICY • SES_POLICY • MS_POLICY • SERIAL_POLICY • FRONTPANEL_POLICY • SCC_POLICY • OPTIONS_POLICY The specified policy name must be capitalized. Fabric OS Command Reference Manual Publication Number: 53-1000240-01 2-575