HP StorageWorks 2/16V Brocade Secure Fabric OS Administrator's Guide (53-10002 - Page 70

3 Front Panel Policy The Front Panel policy can be used to restrict which switches can be accessed through the front panel. This policy only applies to SilkWorm 2800 switches, since no other switches contain front panels. The policy is named FRONTPANEL_POLICY and contains a list of switch WWNs, domain IDs, or switch names for which front panel access is enabled. Table 3-10 displays the possible Front Panel policy states. Table 3-10 Front Panel Policy States Policy State Characteristics No policy All the switches in the fabric have front panel access enabled. Policy with no entries All the switches in the fabric have front panel access disabled. Policy with entries Only specified switches in the fabric have front panel access enabled. To create a Front Panel policy 1. From a sectelnet or SSH session, log in to the primary FCS switch as admin. 2. Type secPolicyCreate "FRONTPANEL_POLICY", "member;...;member". member is a switch WWN, domain ID, or switch name. If a domain ID or switch name is used to specify a switch, the associated switch must be present in the fabric for the command to succeed. For example, to create a Front Panel policy to allow only domains 3 and 4 to use the front panel: primaryfcs:admin> secpolicycreate "FRONTPANEL_POLICY", "3; 4" FRONTPANEL_POLICY has been created. 3. To save or activate the new policy, enter either the secPolicySave or the secPolicyActivate command. If neither of these commands is entered, the changes are lost when the session is logged out. For more information about these commands, see "Saving Changes to Secure Fabric OS Policies" on page 3-26 and "Activating Changes to Secure Fabric OS Policies" on page 3-27. Creating an Options Policy The Options policy can be used to prevent the use of node WWNs to add members to zones. This policy is named OPTIONS_POLICY and has only one valid value, "NoNodeWWNZoning". Adding this value to the policy prevents use of Node WWNs for WWN-based zoning. The use of node WWNs can introduce ambiguity because the node WWN might also be used for one of the device ports, as might be true with a host bus adapter (HBA). If the policy does not exist or is empty, node WWNs can be used for WWN-based zoning. Only one Options policy can be created. This policy cannot be used to control use of port WWNs for zoning. By default, use of node WWNs is allowed; the Options policy does not exist until it is created by the administrator. Table 3-11 displays the possible Options policy states. 3-20 Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01