HP StorageWorks 2/32 Brocade Secure Fabric OS Administrator's Guide (53-100024 - Page 61
Creating Secure Fabric OS Policies Other Than the FCS Policy
View all HP StorageWorks 2/32 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 61 highlights
3 For example, type secFCSFailover from the backup FCS switch "fcsswitchc" and then type secPolicyShow: fcsswitchc:admin> secfcsfailover This switch is about to become the primary FCS switch. All transactions of the current Primary FCS switch will be aborted. ARE YOU SURE (yes, y, no, n): [no] y WARNING!!! The FCS policy of Active and Defined Policy sets have been changed. Review them before you issue secpolicyactivate again. fcsswitchc:admin> secpolicyshow "active","FCS_POLICY" ACTIVE POLICY SET FCS_POLICY Pos PrimaryWWN DId swName 1 Yes 10:00:00:00:00:00:33:3c3 fcsswitchc 2 No 10:00:00:00:00:00:11:1c1 fcsswitcha 3 No 10:00:00:00:00:00:22:2c2 fcsswitchb The backup FCS switch becomes the new primary FCS switch, and the FCS policy is modified so that the new and previous primary FCS switches have exchanged places. Creating Secure Fabric OS Policies Other Than the FCS Policy The FCS policy is automatically created when secure mode is enabled; other Secure Fabric OS policies can be created after secure mode is enabled. (Using the quickmode or lockdown options to the secModeEnable command also creates an SCC policy and a DCC policy.) The member list of each policy determines the devices or switches to which the policy applies. If a policy does not exist, then no Secure Fabric OS controls are in effect for that aspect of the fabric. If a policy exists but has no members, that functionality is disabled for all switches in the fabric. As soon as a policy has been created, that functionality becomes disabled for all switches except the members listed in the policy. Note Save policy changes frequently; changes are lost if the switch is rebooted before the changes are saved. Each supported policy is identified by a specific name, and only one policy of each type can exist (except for DCC policies). The policy names are case sensitive and must be entered in all uppercase. Multiple DCC policies can be created using the naming convention DCC_POLICY_nnn, with nnn representing a unique string. Note Uploading and saving a copy of the Secure Fabric OS database after creating the desired Secure Fabric OS policies is strongly recommended. The configUpload command can be used to upload a copy of the configuration file, which contains all the Secure Fabric OS information. For more information about this command, see the Fabric OS Command Reference. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01 3-11