HP StorageWorks MSA 2/8 HP StorageWorks Secure Fabric OS V1.0 User Guide (AA-R - Page 19
Fabric Management Policy Set, Available Secure Fabric OS Policies
View all HP StorageWorks MSA 2/8 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 19 highlights
Introducing Secure Fabric OS Fabric Management Policy Set Secure Fabric OS supports the creation of a number of specific policies that you can use to customize specific aspects of the fabric. Each supported policy is recognized by a specific name. By default, only the FCS policy exists when Secure Mode is first enabled. You can create, display, modify, and delete the Secure Fabric OS policies. You can also create and save a policy without activating it immediately, to allow implementation at a future time. Once you save policy changes, the new policies are persistent, meaning that they are saved in flash memory and remain available after switch reboot or power cycle. The group of existing policies is referred to as the Fabric Management Policy Set (FMPS), which includes an Active Policy Set and a Defined Policy Set. The Active Policy Set contains the policies that are activated and currently in effect. The Defined Policy Set contains all the policies that have been defined, whether activated or not. Both policy sets are distributed to all switches in the fabric by the Primary FCS switch. You can create and manage the Secure Fabric OS policies by CLI or Fabric Manager. Available Secure Fabric OS Policies You can use Secure Fabric OS to create the following supported Secure Fabric OS policies: ■ Fabric Configuration Server (FCS) policy: This policy specifies the Primary FCS and Backup FCS switches. ■ Management Access Control (MAC) policies: These policies restrict management access to switches. The following specific MAC policies are provided: - Read and Write SNMP policies: Restrict which SNMP hosts are allowed read and write access to the fabric. - Telnet policy: Restricts the workstations that can use sectelnet or SSH to connect to the fabric (telnet is not available when Secure Fabric OS is enabled). - HTTP policy: Restricts the workstations that can use HTTP to access the fabric. - API policy: Restricts the workstations that can use API to access the fabric. Secure Fabric OS Version 1.0 User Guide 19