HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 24

Verifying Compatible Fabric OS Version

Get HP StorageWorks 2/16V - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/16V manuals
Add to My Manuals
Save this manual to your list of manuals

Page 24 highlights

2 • Remove user-defined Administrative Domains: Secure mode does not support Administrative Domains, therefore remove all user-defined ADs (AD1-254). • Disable Administrative Domains and assign users to default AD. Set Administrative Domains to disabled and assign all users to the default Administrative Domain of their role. For more information about Administrative Domain assignments, see the Fabric OS Administrator's Guide. • Fabric-wide consistency policy is not defined. Clear Fabric-wide Consistency policies. Secure mode does not support the distribution of local SCC and DCC policies. To clear this setting, see the Fabric OS Administrator's Guide. Before enabling secure mode, install a supported CLI client on all network workstations that will be used to access the switch command line management interface. See "Installing a Supported CLI Client on a Workstation" on page 2-28 for detailed instructions. Note If any switches are incapable of enforcing security, secure mode is not enabled in the entire fabric. For SilkWorm 24000 directors configured with two logical switches and any version of Fabric OS v4.x, follow the instructions provided in "Preparing SilkWorm 24000 for Secure Fabric OS" on page 2-26. Verifying Compatible Fabric OS Version Identify the versions of Fabric OS currently installed on each switch and determine which switches require upgrading to support Secure Fabric OS. Secure Fabric OS is supported by Fabric OS v2.6.2, v3.2.0, v4.4.0, v5.0.1, v5.1.0, and v5.2.0and can be implemented in fabrics that contain any combination of these versions. The following switches must have the Fabric OS version shown below: • SilkWorm 2000-series switches with Fabric OS v2.X must be upgraded to v2.6.2 • SilkWorm 3200 or 3800 switches with Fabric OS v3.X must be upgraded to v3.2.0 • SilkWorm 3900 switches with Fabric OS v4.0.x must be upgraded to v4.1.x through v5.2.0 • Silkworm 12000 directors with Fabric OS v4.0x must be upgraded to v4.1.x through v5.0.1 The following switches must have the Fabric OS version shown below: • SilkWorm 3250, 3850, and 24000 switches from Fabric OS v4.2.x to v5.2.0 • SilkWorm 4100 switches from Fabric OS v4.4.0 to v5.2.0 • SilkWorm 200E and 3014 switches and SilkWorm 48000 directors from Fabric OS v5.0.1 to v5.2.0 • SilkWorm 4900 and 7500 switches with Fabric OS v5.2.0. Note Combinations of switches running Fabric OS v2.6.2 or v3.2.0 and Fabric OS v4.4.0, v5.1.0, v5.1.0, or v5.2.0 must use compatible PID modes. See the Fabric OS Administrator's Guide for information about PID modes. Changing the PID format causes an update to the DCC policies. If you change the PID format, use the configUpload command to create a new backup configuration file. Do not use the configDownload file to load the old file saved from a different PID format. 2-2 Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
2-2
Secure Fabric OS Administrator’s Guide
Publication Number: 53-1000244-01
2
Remove user-defined Administrative Domains:
Secure mode does not support Administrative
Domains, therefore remove all user-defined ADs (AD1-254).
Disable Administrative Domains and assign users to default AD.
Set Administrative Domains
to disabled and assign all users to the default Administrative Domain of their role. For more
information about Administrative Domain assignments, see the
Fabric OS Administrator’s Guide
.
Fabric-wide consistency policy is not defined
. Clear Fabric-wide Consistency policies. Secure
mode does not support the distribution of local SCC and DCC policies. To clear this setting, see the
Fabric OS Administrator’s Guide
.
Before enabling secure mode, install a supported CLI client on all network workstations that will be
used to access the switch command line management interface. See
“Installing a Supported CLI Client
on a Workstation”
on page 2-28 for detailed instructions.
Verifying Compatible Fabric OS Version
Identify the versions of Fabric OS currently installed on each switch and determine which switches
require upgrading to support Secure Fabric OS. Secure Fabric OS is supported by Fabric OS v2.6.2,
v3.2.0, v4.4.0, v5.0.1, v5.1.0, and v5.2.0and can be implemented in fabrics that contain any
combination of these versions.
The following switches must have the Fabric OS version shown below:
SilkWorm 2000-series switches with Fabric OS v2.X must be upgraded to v2.6.2
SilkWorm 3200 or 3800 switches with Fabric OS v3.X must be upgraded to v3.2.0
SilkWorm 3900 switches with Fabric OS v4.0.x must be upgraded to v4.1.x through v5.2.0
Silkworm 12000 directors with Fabric OS v4.0x must be upgraded to v4.1.x through v5.0.1
The following switches must have the Fabric OS version shown below:
SilkWorm 3250, 3850, and 24000 switches from Fabric OS v4.2.x to v5.2.0
SilkWorm 4100 switches from Fabric OS v4.4.0 to v5.2.0
SilkWorm 200E and 3014 switches and SilkWorm 48000 directors from Fabric OS v5.0.1 to v5.2.0
SilkWorm 4900 and 7500 switches with Fabric OS v5.2.0.
Note
If any switches are incapable of enforcing security, secure mode is not enabled in the entire fabric.
For SilkWorm 24000 directors configured with two logical switches and any version of Fabric OS v4.x,
follow the instructions provided in
“Preparing SilkWorm 24000 for Secure Fabric OS”
on page 2-26.
Note
Combinations of switches running Fabric OS v2.6.2 or v3.2.0 and Fabric OS v4.4.0, v5.1.0, v5.1.0, or
v5.2.0 must use compatible PID modes. See the
Fabric OS Administrator’s Guide
for information about
PID modes.
Changing the PID format causes an update to the DCC policies. If you change the PID format, use the
configUpload
command to create a new backup configuration file. Do not use the configDownload file
to load the old file saved from a different PID format.