HP StorageWorks MSA 2/8 HP StorageWorks Secure Fabric OS V1.0 User Guide (AA-R - Page 49

Enabling Secure Mode, Secure Fabric OS policies.

Get HP StorageWorks MSA 2/8 - SAN Switch PDF manuals and user guides View all HP StorageWorks MSA 2/8 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 49 highlights

Creating Secure Fabric OS Policies Enabling Secure Mode Secure Mode is enabled and disabled on a fabric-wide basis. You can enable and disable Secure Mode as often as desired; however, all Secure Fabric OS policies, including the FCS policy, are deleted each time Secure Mode is disabled, and must be re-created the next time it is enabled. You can back up the Secure Fabric OS database using the configupload command. For more information about this command, refer to the HP StorageWorks Fabric OS Version 3.1.x/4.1.x Reference Guide. You can enable Secure Mode using the secmodeenable command. This command must be entered through a sectelnet, SSH, or serial connection to the switch that you want to designate as the Primary FCS switch. The command fails if any switch in the fabric is not capable of enforcing Secure Fabric OS policies. If the Primary FCS switch fails to participate in the fabric, the Primary FCS role moves to the next available switch listed in the FCS policy. Note: If Secure Mode is enabled on one of the logical switches in a Core Switch 2/64, it must be enabled on the other logical switch if they are in the same fabric, and is strongly recommended if they are in separate fabrics. Placing the logical switches on the same Core Switch 2/64 in separate fabrics is not recommended. Enabling Secure Mode accomplishes the following: ■ Creates the FCS policy. The secmodeenable command prompts for the FCS policy members. No other Secure Fabric OS policies exist until you create them, and no other Secure Fabric OS-related changes occur to the fabric other than the implementation of the FCS policy. ■ Distributes the policy set (initially consisting only of the FCS policy) to all switches in the fabric. ■ Requires specification of the passwords specific to Secure Mode. ■ Fastboots all switches to bring the fabric up in Secure Mode. ■ Once the fastboots are complete, Secure Mode enables you to create other Secure Fabric OS policies. Secure Fabric OS Version 1.0 User Guide 49

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
Creating Secure Fabric OS Policies
49
Secure Fabric OS Version 1.0 User Guide
Enabling Secure Mode
Secure Mode is enabled and disabled on a fabric-wide basis. You can enable and
disable Secure Mode as often as desired; however, all Secure Fabric OS policies,
including the FCS policy, are deleted each time Secure Mode is disabled, and
must be re-created the next time it is enabled. You can back up the Secure Fabric
OS database using the
configupload
command. For more information about
this command, refer to the
HP StorageWorks Fabric OS Version 3.1.x/4.1.x
Reference Guide
.
You can enable Secure Mode using the
secmodeenable
command. This
command must be entered through a sectelnet, SSH, or serial connection to the
switch that you want to designate as the Primary FCS switch. The command fails
if any switch in the fabric is not capable of enforcing Secure Fabric OS policies. If
the Primary FCS switch fails to participate in the fabric, the Primary FCS role
moves to the next available switch listed in the FCS policy.
Note:
If Secure Mode is enabled on one of the logical switches in a Core Switch 2/64,
it must be enabled on the other logical switch if they are in the same fabric, and is
strongly recommended if they are in separate fabrics.
Placing the logical switches on the same Core Switch 2/64 in separate fabrics is not
recommended.
Enabling Secure Mode accomplishes the following:
Creates the FCS policy. The
secmodeenable
command prompts for the
FCS policy members. No other Secure Fabric OS policies exist until you
create them, and no other Secure Fabric OS-related changes occur to the
fabric other than the implementation of the FCS policy.
Distributes the policy set (initially consisting only of the FCS policy) to all
switches in the fabric.
Requires specification of the passwords specific to Secure Mode.
Fastboots all switches to bring the fabric up in Secure Mode.
Once the fastboots are complete, Secure Mode enables you to create other
Secure Fabric OS policies.