Home » Adaptec Manuals » Network Storage Servers » Adaptec iSA1500 » Manual Viewer

Adaptec iSA1500 User Guide - Page 68

Basic IPSAN Security Recommendations, Understanding Access Levels

UPC - 760884143346

Add to My Manuals
Save this manual to your list of manuals

Page 68 highlights

Controlling Access and Adding Security Basic IPSAN Security Recommendations When setting up your IPSAN, consider these security recommendations: ■ Always log out of Adaptec Storage Manager when you are finished using it. ■ Don't allow account sharing. ■ Keep the Manager Level password confidential. ■ Use account names that easily relate to your IPSAN users, to help you monitor who is doing what. ■ Ensure that passwords are not the same as user names. ■ Don't use the word password as a password. Understanding Access Levels To ensure system security, every user on Adaptec Storage Manager is assigned an access password and one of three access levels: ■ Manager level-This is the highest level of access. Manager- level users can monitor the IPSAN and make configuration changes to the IPSAN (like creating volumes and mirrors). A manager-level user can also create user accounts, and assign passwords and access levels. ■ Administrator level-This level of access has the same privileges as the manager level, except that administrator-level users can not create user accounts. ■ Operator level-This is the lowest level of access. Operator-level users can monitor the IPSAN but cannot make configuration changes. See Creating User Accounts and Assigning Passwords on page 5-3 for more information. 5-2

Section	Page
Contents	11
Introduction	14
About This Guide	15
Kit Contents	15
Features of the Adaptec iSA1500	16
Front of Enclosure (Behind Bezel)	16
Rear of Enclosure	16
Managing the Adaptec iSA1500	16
System Requirements and Operating System Support	17
Management Stations	17
iSCSI Stations with Automation Support	17
About Your Adaptec Storage Manager License	17
Introduction to iSCSI and IPSANs	18
What is iSCSI and How Does It Work?	19
What is iSCSI?	19
What’s an iSCSI Initiator?	19
What’s an iSCSI Target?	19
What’s an IQN?	19
How does iSCSI Work?	20
What are Storage Pools and Logical Volumes?	20
What’s an SLP Scope?	21
What is an IPSAN?	22
What is WMI?	23
What is Adaptec Storage Manager’s Role?	24
Planning Your IPSAN	26
What’s a Subnet?	26
Valid IPSAN Configurations	26
Invalid IPSAN Configurations	33
Getting Started Quickly	36
Installation Overview	37
Safety Tips	37
Installing the Hardware	38
Installing the Chassis in a Rack (Optional)	38
Installing the Disk Drives	39
Connecting a Monitor and Keyboard	39
Connecting the Cables and Powering On	40
Completing the Network Configurations	42
Before You Begin	42
Installing the Initiator	44
Installing the Software	44
Installing Microsoft iSCSI Service	45
Installing Microsoft DiskPart	45
Installing Adaptec Storage Manager on Your Management Station	46
Installing Adaptec Storage Manager on iSCSI Stations	48
Custom Installations	48
Adding Agents	49
Configuring the Adaptec iSA1500 Subsystem	51
Building Your IPSAN	52
Navigating Adaptec Storage Manager	53
Logging Out	54
Building Your IPSAN (With WMI)	55
Prerequisites	55
Set-up Task List	55
Understanding Volume Types and Storage Pools	55
Adding a Storage Pool	56
Creating a New Volume	58
Building Your IPSAN (Without WMI)	62
Set-up Task List	62
Creating an iSCSI Target	62
Creating a Spare	64
Next Steps	66
Controlling Access and Adding Security	67
Basic IPSAN Security Recommendations	68
Understanding Access Levels	68
Creating User Accounts and Assigning Passwords	69
Editing User Accounts	70
Generating SAN Passwords	70
Setting iSCSI Target Authentication	71
Adding an Authentication User	71
Editing Authentication User Accounts	72
Using Access Control Lists	73
Managing Your IPSAN	74
Viewing and Activating Software Features	75
Managing Volumes	76
Extending a Volume	77
Reassigning a Volume	78
Taking a Snapshot of a Volume	79
Viewing Volume Snapshots	81
Rolling Back a Volume	82
Assigning a New Drive Letter to a Volume	83
Deleting a Volume	84
Managing Initiators	85
Viewing a List of Initiators	85
Viewing Details About a Specific Initiator	86
Editing an Initiator’s Details	86
Creating a New Initiator	87
Deleting an Initiator	87
Managing Storage Pools	88
Viewing an iSCSI Subsystem’s Storage Pools	88
Viewing Details of a Specific Storage Pool	89
Adding a Disk Drive to a Storage Pool	90
Removing a Disk Drive From a Storage Pool	91
Exporting a Storage Pool	92
Importing Storage Pools	93
Identifying a Storage Pool	93
Deleting a Storage Pool	94
Deleting Spares	95
Managing iSCSI Targets	96
Viewing a List of iSCSI Targets	96
Viewing iSCSI Target Details	97
Taking an iSCSI Target Offline	98
Creating a Mirror with New iSCSI Targets	98
Mirroring an Existing Target	102
Breaking a Facet	104
Deleting a Facet	105
Modifying an iSCSI Target	106
Growing an iSCSI Target	107
Creating an iSCSI Target Snapshot	108
Rolling Back a Snapshot	109
Deleting an iSCSI Target	110
Managing SLP Scopes	111
Viewing a List of SLP Scopes	111
Viewing SLP Scope Details	112
Creating a New SLP Scope	113
Adding an iSCSI Target to the Scope	113
Deleting an iSCSI Target from a Scope	114
Deleting an SLP Scope	115
Managing Devices (Disk Drives)	116
Viewing a List of Disk Drives	116
Viewing Details About a Specific Disk Drive	116
Managing Network Settings	118
Viewing Network Information	118
Setting Network Details	119
Setting SNMP Details	120
Viewing and Changing Network Interface Settings	121
Managing Portals	123
Deleting an Portal	124
Enabling Network Drive Sharing	124
Upgrading the Subsystem Firmware	124
Managing the iSCSI Subsystem’s Settings	125
Setting the Date and Time	126
Setting the iSCSI Subsystem Time Zone	126
Clearing All Events	127
Getting a Diagnostic Dump from the iSCSI Subsystem	127
Setting the Boot Image	128
Rebooting and Shutting Down the iSCSI Subsystem	129
Managing Events	130
Opening the Event Log	131
Understanding Severity Levels	131
Searching the Event Log	132
Viewing Event Details	133
Configuring the Event Log	134
Opening the Event Configuration Window	134
Configuring SNMP	135
Configuring Email Notifications	136
Defining Event Notifications for Events and Errors	137
Managing Active Events	138
Deactivating Active Events	138
Deleting Selected Events	139
Deleting All Events	139
Using CLI	140
Overview of CLI	142
Accessing CLI	142
Access Levels and Passwords	143
Character Case and White Space	144
Command Completion and Abbreviation	144
Command Line Editing	145
Help	146
Viewing Long Reports	146
Global Commands	147
Administrator Command	148
End Command	148
Help \| ? [all] \| [global] \| [help \| ?] \| [keys] Command	149
Logout Command	149
Operator Command	149
Password Operator \| Administrator Command	149
Save Command	150
Show Option Command	150
Setup Wizard	151
Using the Setup Wizard	151
Authentication Commands	154
add name password Command	154
info Command	154
list Command	154
password name password Command	154
remove name_list	154
Device Commands	155
identify [start \| stop] [device_list] Command	155
import id Command	155
info [device_list] Command	156
list [usage] [interface] [type] Command	156
manage device Command	157
scan Command	157
statistics [device_list] Command	158
unused Command	158
Diag Commands	158
jobs	158
ping [timeout time] [count number] ip_host [interface]	158
proc path	159
Events Commands	159
Events Action Commands	159
clear Command	161
Events Inactive Commands	161
info Command	163
Events Report Commands	163
Image commands	164
boot image_number \| image_name	164
info	164
list	164
upload ymodem \| zmodem \| url	165
Initiator / iSCSI nodes Commands	165
create name iqn [alignboolean] [piggyback boolean] [pingboolean]	166
destroy node_list	166
info [name_list]	166
list	166
iSCSI nodes manage initiator Commands	166
Interface Commands	167
info [interface_list]	168
list	168
statistics [interface_list]	168
Interface Manage Commands	168
Ipsec Commands	172
clone connection name	172
destroy name_list	172
disable all \| name_list	172
enable all \| name_list	173
info	173
list [[up \| down] [enabled \| disabled] [dynamic \| host \| network \| opportunistic] [psk \| rsa \| x5...	173
ipsec policy parameters	173
ipsec create commands	174
ipseckey commands	175
ipsec manage name commands	176
ipsecx509 commands	180
iSCSI Commands	181
burst [first bytes] [max bytes]	182
command bytes	182
connections maximum	182
data [immediate bytes] [inorder boolean]	182
error level	182
info	182
pdu [inorder boolean] [length bytes]	182
port number	182
r2t [bidiinitial boolean] [initial boolean] [outstanding value]	182
relaxed boolean	183
timeout [retain relative_period] [wait relative_ period]	183
Mirror Commands	183
create name target sizesize local pool_list [remote async boolean [queue [blocking] pool [sizes...	184
destroy target_list	184
info [target_list]	184
list [local \| remote]	185
Mirror manage target commands	185
Network Commands	187
dns ip_numb_list \| false	188
domain name	188
gateway ip_host \| false	188
hostname name	188
info [parameters]	188
ntp ip_host \| false	189
smtp ip_host [port] \| false	189
Pool Commands	189
available / unused	190
create name name [raid basic] device_list	190
create name name raid raid0 \| raid5 \| raid10 depth stripe-depth devices device_list	190
destroy name_list	190
export name_list	190
identify [start \| stop] [name_list]	191
import name_list	191
info [name_list]	191
list [[local \| foreign]]	191
Pool manage pool Commands	191
scan	192
Route Commands	193
add destination/netmask gateway \| interface or add destination netmask gateway \| interface	193
delete destination/netmask [gateway] or delete destination netmask [gateway]	194
info	194
SLP Scope Commands	194
create name [target_list]	194
destroy name_list	195
info [name_list]	195
list	195
Scope Manage Scope Commands	195
Service Commands	196
info [service_list]	196
reset service_list	196
start [force] service_list	197
stop [force] service_list	197
Service Manage Service Commands	197
Target Commands	198
create target pool [size size \| remainder] (unrestricted \| restricted initiator_list)	199
destroy target_list	199
info [target_list]	199
list filters	199
Target manage target Commands	200
SNMP Commands	202
agent [community community] [port port]	203
info	203
protocol 1 \| 2	203
system [contact email] [location location]	203
trap [community community] [address address [port port]] trap false	203
System Commands	204
date absolute_date\| relative_period	204
halt	204
info	205
keyboard layout	205
reboot	205
status	205
timezone TZ \| offset	205
UPS Commands	205
info	206
monitor usb \| snmp \| false \| ip_host	206
status	206
thresholds [unittime] [initiatorstime] [cachetime]	206
UPS Permit Commands	207
Troubleshooting	208
General Troubleshooting Tips	209
Hot-swapping Disk Drives	209
Index	211