HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 69

3 To create a Management Server policy 1. From a sectelnet or SSH session, log in to the primary FCS switch as admin. 2. Type secPolicyCreate "MS_POLICY", "member;...;member". member is a device WWN. 3. To save or activate the new policy, enter either secPolicySave or secPolicyActivate. If neither of these commands is entered, the changes are lost when the session is logged out. For more information about these commands, see "Saving Changes to Secure Fabric OS Policies" on page 3-26 and "Activating Changes to Secure Fabric OS Policies" on page 3-27. For example, to create an MS_POLICY that allows access through a device that has a WWN of 12:24:45:10:0a:67:00:40: primaryfcs:admin> secpolicycreate "MS_POLICY", "12:24:45:10:0a:67:00:40" MS_POLICY has been created. Serial Port Policy The Serial Port policy can be used to restrict which switches can be accessed by serial port. The policy is named SERIAL_POLICY and contains a list of switch WWNs, domain IDs, or switch names for which serial port access is enabled. The Serial Port policy is checked before the account login is accepted. If the Serial Port policy exists and the switch is not included in the policy, the session is terminated. Table 3-9 displays the possible serial port policy states. Table 3-9 Serial Port Policy States Policy State Characteristics No policy All serial ports of the switches in the fabric are enabled. Policy with no entries All serial ports of the switches in the fabric are disabled. Policy with entries Only specified switches can be accessed through the serial ports. To create a Serial Port policy 1. From a sectelnet or SSH session, log in to the primary FCS switch as admin. 2. Type secPolicyCreate "SERIAL_POLICY", "member;...;member". member is a switch WWN, domain ID, or switch name. If a domain ID or switch name is used to specify a switch, the associated switch must be present in the fabric for the command to succeed. 3. To save or activate the new policy, enter either secPolicySave or secPolicyActivate. If neither of these commands is entered, the changes are lost when the session is logged out. For more information about these commands, see "Saving Changes to Secure Fabric OS Policies" on page 3-26 and "Activating Changes to Secure Fabric OS Policies" on page 3-27. For example, to create a SERIAL_POLICY that allows serial port access to a switch that has a WWN of 12:24:45:10:0a:67:00:40: primaryfcs:admin> secpolicycreate "SERIAL_POLICY", "12:24:45:10:0a:67:00:40" SERIAL_POLICY has been created. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01 3-19