HP StorageWorks 2/24 FW 07.00.00/HAFM SW 08.06.00 McDATA Products in a SAN Env - Page 235
Server and Storage-Level Access Control, Reasons for zone implementation
View all HP StorageWorks 2/24 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 235 highlights
Physical Planning Considerations 5 Obtaining Professional Services • Reasons for zone implementation - Determine if zoning is to be implemented for the enterprise. If so, evaluate if the purpose of zoning is to differentiate between operating systems, data sets, user groups, devices, processes, or some combination thereof. Plan the use of zone members, zones, and zone sets accordingly. • Zone members specified by port number or WWN - Determine if zoning is to be implemented by port number or WWN. Because changes to port connections or fiber-optic cable configurations disrupt zone operation and may incorrectly include or exclude a device from a zone, zoning by WWN is recommended. However, if zoning is implemented by WWN, removal and replacement of a device HBA or Fibre Channel interface disrupts zone operation and will exclude a new device from a zone unless the device is added to the zone set. • Zoning implications for a multiswitch fabric - For a multiswitch fabric, zoning is configured on a fabric-wide basis, and any change to the zoning configuration is applied to all switches in the fabric. To ensure zoning is consistent across a fabric, there can be no duplicate Domain_IDs, the active zone set name must be consistent, and zones with the same name must have identical elements. Ensure these rules are enforced when planning zones and zone sets, and carefully coordinate the zoning and multiswitch fabric tasks. Planning and implementing the zoning feature is a complex and difficult task, especially for multiswitch fabrics. Obtain planning assistance from McDATA's professional services organization before implementing the director or switch zoning feature. Server and Storage-Level Access Control To enhance the access barriers and network security provided by zoning through the director or fabric switch, security measures for SANs can also be implemented at servers and storage devices. Server-level access control is called persistent binding. Persistent binding uses configuration information stored on the server and is implemented through the server's HBA driver. The process binds a server device name to a specific Fibre Channel storage volume or logical unit number (LUN), through a specific HBA and storage port WWN. For persistent binding: Physical Planning Considerations 5-29