HP StorageWorks MSA 2/8 HP StorageWorks Secure Fabric OS V1.0 User Guide (AA-R - Page 72

Creating Secure Fabric OS Policies Table 12: DCC Policy States Policy State No policy Policy with no entries Policy with entries Characteristics Any device can connect to any switch port in the fabric. Any device can connect to any switch port in the fabric. An empty policy is the same as no policy. If a device WWN is specified in a DCC policy, that device is only allowed access to the fabric if connected to a switch port listed in the same policy. If a switch port is specified in a DCC policy, it permits connections only from devices that are listed in the policy. WWNs that are not specified in a DCC policy are allowed to connect to the fabric at any switch ports that are not specified in a DCC policy. Switch ports and WWNs may exist in multiple DCC policies. Note: When a DCC violation occurs, the related port is automatically disabled and must be re-enabled using the portenable command. To create a DCC policy: 1. From a sectelnet or SSH session, log into the Primary FCS switch as Admin. 2. Enter the following: secpolicycreate DCC_POLICY_nnn, "member;...;member" Where: ■ DCC_POLICY_nnn is the name of the DCC policy you want to create, and nnn is a string consisting of up to 19 alphanumeric or underscore characters to differentiate it from any other DCC policies. ■ member contains device and switch port information; deviceWWN; switch(port). - The "switch" can be the switch WWN, Domain ID, or switch name. - The port can be specified by port or area number. Designating ports automatically includes the devices currently attached to those ports. The ports can be specified using any of the following syntax methods: (1-6) Selects ports 1 through 6. (*) Selects all ports on the switch. 72 Secure Fabric OS Version 1.0 User Guide