Home » HP Manuals » Storage Devices » HP Surestore 64 » Manual Viewer

HP Surestore 64 Planning Guide - Page 82

Benefits of Zoning, Configuring Zones

Add to My Manuals
Save this manual to your list of manuals

Page 82 highlights

Benefits of Zoning System administrators create zones to increase network security measures, differentiate between operating systems, and prevent data loss or corruption by controlling access between devices (such as servers and data storage units), or between separate user groups (such as engineering or human resources). Zoning allows an administrator to establish: • Logical subsets of closed user groups. Administrators can authorize access rights to specific zones for specific user groups, thereby protecting confidential data from unauthorized access. • Barriers between devices that use different operating systems. For example, it is often critical to separate servers and storage devices with different operating systems because accidental transfer of information from one to another can delete or corrupt data. Zoning prevents this by grouping devices that use the same operating systems into zones. • Groups of devices that are separate from devices in the rest of a fabric. Zoning allows certain processes (such as maintenance or testing) to be performed on devices in one group without interrupting devices in other groups. • Temporary access between devices for specific purposes. Administrators can remove zoning restrictions temporarily (for example, to perform nightly data backup), then restore zoning restrictions to perform normal processes. Configuring Zones Zoning is configured through the Fabric Manager application by authorizing or restricting access to name server information associated with device node ports (N_Ports) that attach to director fabric ports (F_Ports). A device N_Port can belong to multiple zones. Zoning is configured by: • The eight-byte (16-digit) worldwide name (WWN) assigned to the HBA or Fibre Channel interface installed in the device connected to the director. CAUTION If zoning is implemented by WWN, removal and replacement of a device HBA or Fibre Channel interface (thereby changing the device WWN) disrupts zone operation and may incorrectly include or exclude a device from a zone. 68 Security Provisions

Section	Page
Regulatory Statements	8
Glossary	8
Index	9
1 Introduction	15
Overview	16
Director Overview	18
Director Performance	18
Director Management	21
Director Features	23
High-Availability Features	23
Connectivity Features	24
Security Features	25
Serviceability Features	26
2 Director Hardware Description	29
Director Description	30
Front Bezel	31
CTP Card	32
FPM Card	33
Power Supply	35
RFI Shield	35
Power Module Assembly	35
Fan Module	36
SBAR Assembly	36
Backplane	37
Director Specifications	38
Physical Characteristics	38
Storage and Shipping Environment	39
Operating Environment	40
Equipment Rack Service Clearances	40
HP EFC Server Description	41
HP EFC Server Specifications	42
Ethernet Hub	43
Remote User Workstations	43
Embedded Web Server Interface	44
3 Director Software Description	45
Director Firmware	46
Backup and Restore Features	48
Software Overview	50
HP EFC Management Services Application	50
User Interface	51
4 Planning Considerations	63
Planning a Fibre Channel SAN Configuration	64
Reasons for Implementing SAN Technology	64
Integrating SAN Technology	66
Fibre Channel Topologies	66
Capacity Planning	67
Port Connectivity and Fiber-Optic Cabling	68
Port Requirements	68
Extended-Distance Ports	70
High-Availability Considerations	70
Cabling and Connectors	72
Routing Fiber-Optic Cables	73
HP EFC Server, LAN, and Remote Access Support	75
HP EFC Server	75
Remote User Workstations	76
SNMP Management Workstations	79
Web Browser Access	79
Security Provisions	80
Name Server Zoning	81
Multiswitch Fabric Support	88
Fabric Topology Limits	89
Factors to Consider When Implementing a Fabric Topology	89
Obtaining Professional Services	97
5 Configuration Planning Tasks	99
Task 1: Prepare a Site Plan	101
Task 2: Plan Fiber-Optic Cable Routing	103
Task 3: Consider Interoperability with Fabric Elements and End Devices	104
Task 4: Plan Console Management Support	105
Task 5: Plan Ethernet Access	106
Task 6: Plan Network Addresses	107
Task 7: Plan SNMP Support (Optional)	109
Task 8: Plan E-Mail Notification (Optional)	110
Task 9: Establish Director and HP EFC Server Security Measures	111
Task 10: Plan Phone Connections	112
Task 11: Diagram the Planned Configuration	113
Task 12: Assign Port Names and Nicknames	114
Rules for Port Names	114
Rules for Nicknames	115
Task 13: Complete the Planning Worksheet	116
Task 14: Plan AC Power	120
Task 15: Plan a Multiswitch Fabric (Optional)	121
Task 16: Plan Zone Sets for Multiple Directors (Optional)	122
Task 17: Complete Planning Checklists	124
FCC EMC Statement (USA)	130
EMC Statement (Canada)	131
EMC Statement (European Union)	132
Spécification ATI Classe A (France)	133
VCCI EMC Statement (Japan)	134
Harmonics Conformance (Japan)	135
BSMI EMC Statement (Taiwan)	136
RRL EMC Statement (Korea)	137
Germany Noise Declaration	138
Laser Safety	139
Declaration of Conformity	140
A	141
B	142
C	143
D	145
E	147
F	148
G	150
H	150
I	152
J	153
L	153
M	154
N	155
O	156
P	157
R	159
S	160
T	161
U	162
V	162
W	163
Z	163
A	165
B	165
C	165
D	165
E	165
F	165
G	165
H	165
I	166
J	166
L	166
M	166
N	166
P	166
R	166
S	166
T	167
U	167
V	167
W	167

Match case Limit results 1 per page

Security Provisions

Benefits of Zoning

System administrators create zones to increase network security measures, differentiate

between operating systems, and prevent data loss or corruption by controlling access

between devices (such as servers and data storage units), or between separate user groups

(such as engineering or human resources). Zoning allows an administrator to establish:

•

Logical subsets of closed user groups. Administrators can authorize access rights to

specific zones for specific user groups, thereby protecting confidential data from

unauthorized access.

•

Barriers between devices that use different operating systems. For example, it is often

critical to separate servers and storage devices with different operating systems

because accidental transfer of information from one to another can delete or corrupt

data. Zoning prevents this by grouping devices that use the same operating systems into

zones.

•

Groups of devices that are separate from devices in the rest of a fabric. Zoning allows

certain processes (such as maintenance or testing) to be performed on devices in one

group without interrupting devices in other groups.

•

Temporary access between devices for specific purposes. Administrators can remove

zoning restrictions temporarily (for example, to perform nightly data backup), then

restore zoning restrictions to perform normal processes.

Configuring Zones

Zoning is configured through the Fabric Manager application by authorizing or restricting

access to name server information associated with device node ports (N_Ports) that attach

to director fabric ports (F_Ports). A device N_Port can belong to multiple zones. Zoning is

configured by:

•

The eight-byte (16-digit) worldwide name (WWN) assigned to the HBA or Fibre Channel

interface installed in the device connected to the director.

AUTION

If zoning is implemented by WWN, removal and replacement of a device HBA

or Fibre Channel interface (thereby changing the device WWN) disrupts zone

operation and may incorrectly include or exclude a device from a zone.