HP StorageWorks MSA 2/8 HP StorageWorks Secure Fabric OS V1.0 User Guide (AA-R - Page 71

Creating Secure Fabric OS Policies Example: primaryfcs:admin> secPolicyCreate "OPTIONS_POLICY", "NoNodeWWNZoning" OPTIONS_POLICY has been created. primaryfcs:admin> Creating a DCC Policy You can create DCC policies to manage which device ports are allowed to connect to which switch ports. The devices can be initiators, targets, or intermediate devices such as SCSI routers and loop hubs. The same device port can be bound to one or more switch ports, and the same device and switch ports may be listed in multiple DCC policies. If a device port is specified in a DCC policy, that port is allowed access to the fabric only if it is connected to one of the designated switch ports. Similarly, if a switch port is specified in a DCC policy, it permits connections only from the specified devices. Device ports that are not specified in a DCC policy are allowed to connect only to switch ports that are not specified in a DCC policy. You can create multiple DCC policies, using the naming convention DCC_POLICY_nnn, where nnn represents a unique string. One DCC policy per switch or group of switches is recommended instead of a separate DCC policy for each port. This saves memory and improves performance. You can specify device ports by device WWN and switch ports by either switch WWN, Domain ID, or switch name followed by the port or area number. For example: ■ deviceWWN;switchWWN(port or area number) ■ deviceWWN;domainID(port or area number) ■ deviceWWN;switchname(port or area number) By default, all device ports are allowed to connect to all switch ports; no DCC policies exist until they are created by the administrator. The possible DCC policy states are shown in Table 12. Secure Fabric OS Version 1.0 User Guide 71