HP StorageWorks 2/32 Brocade Secure Fabric OS Administrator's Guide (53-100024 - Page 75
Managing Secure Fabric OS Policies
View all HP StorageWorks 2/32 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 75 highlights
3 Table 3-13 SCC Policy States Policy State SCC Policy Enforcement No policy specified All switches may join the fabric. Policy specified, but with The SCC policy includes all FCS switches. All non-FCS switches are no members excluded. Only FCS switches may join the fabric. Policy specified, with members The SCC policy contains all FCS switches and any switches specified in the member list. Any non-FCS switches not explicitly specified are excluded. Only FCS switches and explicitly specified non-FCS switches may join the fabric. To create an SCC policy 1. From a sectelnet or SSH session, log in to the primary FCS switch as admin. 2. Type secPolicyCreate "SCC_POLICY", "member;...;member". member indicates a switch that is permitted to join the fabric. Specify switches by WWN, domain ID, or switch name. Enter an asterisk (*) to indicate all the switches in the fabric. For example, to create an SCC policy that allows switches that have domain IDs 2 and 4 to join the fabric: primaryfcs:admin> secpolicycreate "SCC_POLICY", "2;4" SCC_POLICY has been created 3. To save or activate the new policy, enter either the secPolicySave or the secPolicyActivate command. If neither of these commands is entered, the changes are lost when the session is logged out. For more information about these commands, see "Saving Changes to Secure Fabric OS Policies" on page 3-26 and "Activating Changes to Secure Fabric OS Policies" on page 3-27. Managing Secure Fabric OS Policies All Secure Fabric OS transactions must be performed through the primary FCS switch only, except for the secTransAbort, secFCSFailover, secStatsReset, and secStatsShow commands. You can create multiple sessions to the primary FCS switch from one or more hosts. However, the software allows only one Secure Fabric OS transaction at a time. If a second Secure Fabric OS transaction is started, it fails. The only secondary transaction that can succeed is the secTransAbort command. All policy modifications are saved in volatile memory only until the changes are saved or activated. The following functions can be performed on existing Secure Fabric OS policies: • "Saving Changes to Secure Fabric OS Policies" on page 3-26 Save changes to flash memory without actually implementing the changes within the fabric. This saved but inactive information is known as the defined policy set. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01 3-25