HP A7533A HP StorageWorks Fabric OS 6.x administrator guide (5697-0015, May 20 - Page 85
Configuring standard security features
UPC - 829160830858
View all HP A7533A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 85 highlights
3 Configuring standard security features This chapter provides information and procedures for configuring standard Fabric OS security features such as protocol and certificate management. IMPORTANT: Secure Fabric OS is no longer supported in Fabric OS 6.x. Secure protocols Fabric OS supports the secure protocols shown in Table 15. Table 15 Secure protocol support Protocol Description SSL HTTPS Secure File Copy (scp) SNMPv3 Supports SSLv3, 128-bit encryption by default. Fabric OS uses SSL to support HTTPS. A certificate must be generated and installed on each switch to enable SSL. Web Tools supports the use of HTTPS. Configuration upload and download support the use of scp. SNMPv1 and v2 are also supported. Simple Network Management Protocol (SNMP) is a standard method for monitoring and managing network devices. Using SNMP components, you can program tools to view, browse, and manipulate switch variables and set up enterprise-level management processes. Every switch carries an SNMP agent and Management Information Base (MIB). The agent accesses MIB information about a device and makes it available to a network manager station. You can manipulate information of your choice by trapping MIB elements using the Fabric OS CLI, Web Tools, or Fabric Manager. The SNMP Access Control List (ACL) provides a way for the administrator to restrict SNMP get and set operations to certain hosts and IP addresses. This is used for enhanced management security in the storage area network. For details on Brocade MIB files, naming conventions, loading instructions, and information about using Brocade's SNMP agent, see the Fabric OS MIB Reference. Table 16 describes additional software or certificates that you must obtain to deploy secure protocols. Table 16 Items needed to deploy secure protocols Protocol Host side Switch side SSH HTTPS SSH client No requirement on host side except a browser that supports HTTPS None Switch IP certificate for SSL Secure File Copy (scp) SSH daemon, scp server None SNMPv1, SNMPv2, SNMPv3 None None Fabric OS 6.x administrator guide 85