HP StorageWorks 2/24 FW 07.00.00/HAFM SW 08.06.00 McDATA Products in a SAN Env - Page 151
McDATA Fabric 1.0, Open Fabric 1.0, fabric, Role-Based Flexpars
View all HP StorageWorks 2/24 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 151 highlights
Implementing SAN Internetworking Solutions 4 Role-Based Flexpars Zone FlexPars implement an RSCN zone isolation feature that prevents fabric-format RSCNs from propagating to devices in zones not impacted by the RSCN. With zone FlexPars enabled, zoning change RSCNs are handled like device availability change RSCNs. Because the feature is device centric, zone FlexPars work in loop environments and with node port ID virtualization (NPIV) enabled. In addition, the feature operates when the director or switch Interop Mode is set to McDATA Fabric 1.0 or Open Fabric 1.0. Zone FlexPars are enabled or disabled on a per-switch basis through the CLI by setting the zoneFlexParstate parameter to fabric (enabled) or none (disabled). When installing a new director or switch with E/OS 7.0 (or upgrading an existing fabric element to E/OS 7.0 or E/OSn 6.0), the feature is enabled by default and operates on a fabric-wide basis. As Fibre Channel fabrics grow in size and complexity, the potential for fabric configuration problems caused by human error increases significantly. Implementation of role-based access control (RBAC) through role-based FlexPars (available for McDATA products by mid-2005) can control and mitigate these problems. Through a SAN management application, users are grouped into roles, and roles are assigned a set of responsibility-based privileges. These privileges include access to specific devices and commands. In addition, roles can own subsets of a fabric. This concept is useful when a fabric includes several applications, each managed by a different administrator. If a user is assigned administrator (role) duties for a set of switches and devices, other administrators cannot configure the user's switch and device subset. Role-based FlexPars ensure accountability for each application, fabric, or network; prevent errors from propagating across applications; and prevent unauthorized users from damaging or shutting down a fabric. Role-based FlexPars can be configured to warn users in addition to preventing actions. Thus if one person administers an entire fabric, roles ensure the administrator is reminded of the cross-application adverse impact that a configuration action may cause. Implementing SAN Internetworking Solutions 4-7