HP StorageWorks 2/32 Brocade Secure Fabric OS Administrator's Guide (53-100024 - Page 77

Activating Changes to Secure Fabric OS Policies, Adding a Member to an Existing Policy

Get HP StorageWorks 2/32 - SAN Switch PDF manuals and user guides View all HP StorageWorks 2/32 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 77 highlights

3 Activating Changes to Secure Fabric OS Policies Implement changes to the Secure Fabric OS policies using the secPolicyActivate command. This saves the changes to the active policy set and activates all policy changes since the last time the command was issued. You cannot activate policies on an individual basis; all changes to the entire policy set are activated by the command. Note Until a secPolicySave or secPolicyActivate command is issued, all policy changes are in volatile memory only and are lost upon rebooting. To activate changes to the Secure Fabric OS policies 1. From a sectelnet or SSH session, log in to the primary FCS switch as admin. 2. Type the secPolicyActivate command: primaryfcs:admin> secpolicyactivate About to overwrite the current Active data. ARE YOU SURE (yes, y, no, n): [no] y Committing configuration...done. Saving Defined FMPS ... done Saving Active FMPS ... done Adding a Member to an Existing Policy You can add members to policies by using the secPolicyAdd command. As soon as a policy has been created, the aspect of the fabric managed by that policy is closed to access by all devices that are not listed in the policy. To add a member to an existing Secure Fabric OS policy 1. From a sectelnet or SSH session, log in to the primary FCS switch as admin. 2. Type secPolicyAdd "policy_name", "member;...;member". policy_name is the name of the Secure Fabric OS policy. member is the item to be added to the policy, identified by device or switch IP address, switch domain ID, device or switch WWN, or switch name. 3. To implement the change immediately, enter the secPolicyActivate command. For example, to add a member to the MS_POLICY using the device port WWN: primaryfcs:admin> secpolicyadd "MS_POLICY", "12:24:45:10:0a:67:00:40" Member(s) have been added to MS_POLICY. To add an SNMP manager to WSNMP_POLICY: primaryfcs:admin> secpolicyadd "WSNMP_POLICY", "192.168.5.21" Member(s) have been added to WSNMP_POLICY. Secure Fabric OS Administrator's Guide Publication Number: 53-1000244-01 3-27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
Secure Fabric OS Administrator’s Guide
3-27
Publication Number: 53-1000244-01
3
Activating Changes to Secure Fabric OS Policies
Implement changes to the Secure Fabric OS policies using the
secPolicyActivate
command. This saves
the changes to the active policy set and activates all policy changes since the last time the command was
issued. You cannot activate policies on an individual basis; all changes to the entire policy set are
activated by the command.
To activate changes to the Secure Fabric OS policies
1.
From a sectelnet or SSH session, log in to the
primary FCS switch as admin.
2.
Type the
secPolicyActivate
command:
Adding a Member to an Existing Policy
You can add members to policies by using the
secPolicyAdd
command. As soon as a policy has been
created, the aspect of the fabric managed by that policy is closed to access by all devices that are not
listed in the policy.
To add a member to an existing Secure Fabric OS policy
1.
From a sectelnet or SSH session, log in to the
primary FCS switch as admin.
2.
Type
secPolicyAdd “
policy_name
”, “
member
;
...
;
member
.
policy_name
is the name of the Secure Fabric OS policy.
member
is the item to be added to the
policy, identified by device or switch IP address, switch domain ID, device or switch WWN, or
switch name.
3.
To implement the change immediately, enter the
secPolicyActivate
command.
For example, to add a member to the MS_POLICY using the device port WWN:
To add an SNMP manager to WSNMP_POLICY:
Note
Until a
secPolicySave
or
secPolicyActivate
command is issued, all policy changes are in volatile
memory only and are lost upon rebooting.
primaryfcs:admin>
secpolicyactivate
About to overwrite the current Active data.
ARE YOU SURE (yes, y, no, n): [no]
y
Committing configuration...done.
Saving Defined FMPS ...
done
Saving Active FMPS ...
done
primaryfcs:admin>
secpolicyadd "MS_POLICY", "12:24:45:10:0a:67:00:40"
Member(s) have been added to MS_POLICY.
primaryfcs:admin>
secpolicyadd "WSNMP_POLICY", "192.168.5.21"
Member(s) have been added to WSNMP_POLICY.