HP StorageWorks MSA 2/8 HP StorageWorks Secure Fabric OS V1.0 User Guide (AA-R - Page 109

Managing Secure Fabric OS ■ Fabric Manager ■ Web Tools ■ Fabric Access (API) Does Secure Fabric OS prevent all unauthorized access? There is no 100% protection in any network. However, the Secure Fabric OS product makes it possible for the administrator to create a significantly increased level of security that is customized to the fabric. Once Secure Fabric is turned on, can it be turned off again? Yes, by using the secmodedisable command. Turning Secure Mode on or off does not disrupt traffic. What happens if I create a policy with no members in it? You cannot create an empty FCS policy, but you can create other types of policies with no members. However, creating a policy with no members closes all access to that aspect of the fabric, which can result in preventing administrative access to the fabric. Before setting a policy, read all the information provided about that policy under "Creating Secure Fabric OS Policies Other Than the FCS Policy" on page 58. How do I prevent someone from adding a computer to the fabric and mounting a LUN? The following approaches can be used in conjunction, although no guarantees can be made of absolute security: ■ Store all the FCS switches in a physically secure area. ■ Use hardware-based zoning. ■ Create a DCC policy for each switch in the fabric. ■ Create an Options policy. Management Access What version of SSH and the SSH clients does Fabric OS v4.1.x support? Fabric OS v4.1.x supports version 2 of the SSH protocol. Any SSH client that supports version 2 of the protocol is supported. For example, PuTTy or F-Secure. Secure Fabric OS Version 1.0 User Guide 109