HP StorageWorks 2/16V Brocade Fabric Manager Administrator's Guide (53-1000019 - Page 253
Managing Secure Fabrics, Enabling Secure Mode
View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 253 highlights
Managing Secure Fabrics Chapter 17 This chapter provides information on enabling secure mode for a fabric, adding a switch to a secure fabric, and checking secure fabrics prior to merging them. It also includes information about using the policy editor to configure security policies, and provides instructions on how to configure no node WWN zoning, how to change admin security passwords (for FCS or non-FCS switches/directors), and how to use telnet on a secure fabric. See the following sections for specific secure fabric information: • "Enabling Secure Mode" on page 17-1 • "Using the Policy Editor" on page 17-3 • "Adding a Switch to a Secure Fabric" on page 17-17 • "Merging Secure Fabrics" on page 17-18 • "Using Telnet on a Secure Fabric" on page 17-19 Enabling Secure Mode This section describes how to create a secure fabric using the Secure Fabric wizard. To use the Secure Fabric wizard, your primary FCS switch must be running Fabric OS v5.0.0 or later, Fabric OS v4.4.0 or later, or Fabric OS v3.2x or later. If your primary FCS switch is not running one of these operating systems, you must enable or disable secure mode using the CLI. See the Secure Fabric OS Administrator's Guide for CLI information. All switches in the fabric must be running Fabric OS v5.0.0 or later, Fabric OS v4.1x or later, Fabric OS V3.1x or later, or Fabric OS v2.6.1x or later regardless of whether you are using CLI or the Secure Fabric wizard. If you enable secure mode on a fabric that contains any Fabric OS v5.2.x switches, any switch local ACL policies (SCC, DCC, and Distributed Passwords) are discarded. You cannot enable secure mode under the following conditions: • You cannot enable secure mode on a fabric unless all switches in the fabric have a Secure Fabric OS license, a zoning license, and security certificates installed. For more information about security certificates, see the Secure Fabric OS Administrator's Guide. • You cannot enable secure mode for an edge fabric that is configured for Fibre Channel routing. See "FC-FC Routing and Secure Fabrics" on page 19-12 for additional limitations when using the FCFC Routing Service and secure fabrics. • You cannot enable secure mode on Admin Domain-aware fabrics. • You cannot enable secure mode if a fabric-wide consistency policy is configured on the switch. Fabric Manager Administrator's Guide Publication Number: 53-1000196-01-HP 17-1