HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.1.x administrator guide (5697 - Page 184

v6.0.1\ 381MB 2007 Oct 19 10:39 config\ 0B 2007 Sep 28 15:33 support\ 0B 2007 Sep 28 15:33 firmwarekey\ 0B 2007 Sep 28 15:33 Available space on usbstorage 79% Downloading the 6.1.0 image using the relative path To download the 6.1.0 image using the relative path: 1. Log in to the switch as admin. 2. Type the firmwareDownload command with the -U operand: admin>firmwaredownload -U v6.1.0 Downloading the 6.1.0 image using the absolute path To download the 6.1.0 image using the absolute path: 1. Log in to the switch as admin. 2. Type the firmwareDownload command with the -U operand: admin>firmwaredownload -U /usb/usbstorage/brocade/firmware/v6.1.0 Director restrictions for downgrading Note the following restrictions: • 4/256 SAN Director with one or more FR4-18i blades: If you are running 5.1.0 firmware, then you cannot downgrade to earlier versions without removing the blades. • 4/256 SAN Director with one or more FC4-48 or FC4-16IP blades: If you are running Fabric OS 5.2.0, then you cannot downgrade to earlier versions without removing the blades. • Do not remove blades until the EX_Ports are removed first. The firmwareDownload command will indicate when the blades are safe to remove. • 4/256 SAN Director with one or more FC10-6 blades: If you are running Fabric OS 6.0.0b, then you cannot downgrade to earlier versions without removing the blades. • 4/256 SAN Director with one or more FC8-16 blades: If you are running Fabric OS 6.0.0b, then you cannot downgrade to earlier versions without removing the blade. • DC Director with FC8-16/32/48 blades: If you are running Fabric 6.0.0b, then you cannot downgrade to earlier versions of Fabric OS as they are not supported on this Director. FIPS Support Federal information processing standards (FIPS) specify the security standards needed to satisfy a cryptographic module utilized within a security system for protecting sensitive information in the computer and telecommunication systems. For more information about FIPS, refer to "Configuring advanced security features" on page 17. The 6.1.x firmware is digitally signed using the OpenSSL utility to provide FIPS support. In order to use the digitally signed software, you need to configure the switch to enable Signed Firmwaredownload. If it is not enabled then the firmware download process will ignore the firmware signature and work as before. If signed firmwaredownload is enabled, and if the validation succeeds, the firmware download process will proceed normally. If the firmware is not signed or if the signature validation fails, firmwareDownload will fail. To enable or disable FIPS, refer to "Configuring advanced security features" on page 17. Public and private key management For signed firmware, we use RSA with 1024-bit length key pair. The Fabric OS requires a private key to sign the firmware files. During firmwareDownload, the process requires the public key to validate the signatures of the firmware files. So the public key needs to be stored on the switch beforehand. The following describes how the key pairs will be managed for the current and future releases. 184 Installing and maintaining firmware