HP StorageWorks 2/24 FW 07.00.00/HAFM SW 08.06.00 McDATA Products in a SAN Env - Page 224
default feature of the Enterprise Operating System E/OS, E_Port and N_Port DHCHAP secrets.
View all HP StorageWorks 2/24 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 224 highlights
Physical Planning Considerations 5 • RADIUS server support - Remote authentication dial-in user service (RADIUS) is a client-server, UDP-based protocol that supports storage and authentication of passwords and CHAP secrets. Directors, fabric switches, and SAN routers support a RADIUS client (LAN-connected to a primary or secondary RADIUS server) that authenticates CHAP responses and login passwords. The RADIUS server stores: - Management server-to-fabric element (director or fabric switch) CHAP secrets. - E_Port and N_Port DHCHAP secrets. - Hypertext transfer protocol (HTTP) user passwords for the SANpilot interface. - Telnet user passwords for the CLI. - RADIUS server interface encryption keys. • Inband access control list - The management server interface supports an access control list (ACL) that provides attached port worldwide names (WWNs) or switch node names for which director or fabric switch communication is allowed. The CLI and SANpilot interface do not support configuration of an inband access control list. • Out-of-band access control list - Directors and fabric switches support an IP-based ACL that defines the node IP addresses that are permitted to log in to the fabric element through an out-of-band management interface. Each director or fabric switch is individually configured with a list of IP address ranges. • Encrypted SSH protocol - Secure shell (SSH) protocol is a software-enforced security encryption feature that controls CLI access to a director or fabric switch. The SSH protocol suite supports secure shell communication, remote file copy, file transfer, and port forwarding through a telnet interface. • Security log - The security log records security-related events (including but not limited to SANtegrity features). The log is a default feature of the Enterprise Operating System (E/OS) firmware and does not require enablement through a product feature enablement (PFE) key. Log entries record the following events: 5-18 McDATA Products in a SAN Environment - Planning Manual