HP Brocade 8/12c Fabric Watch Administrator's Guide v6.4.0 (53-1001770-01, Jun - Page 64

6 Security monitoring guidelines and default settings Security monitoring guidelines and default settings The Security class monitors all attempts to breach your SAN security, helping you fine-tune your security measures. Security class areas Table 5 lists Product Name areas in the security class and describes what each area indicates. Configure the Security class using the thConfig command. TABLE 5 Security class areas Area Indicates DCC violations HTTP violations Illegal command Incompatible security DB Invalid certificates Login violations No-FCS SCC violations SLAP failures (FCAP failures) Telnet violations TS Out of Sync An unauthorized device attempts to log in to a secure fabric. A browser access request reaches a secure switch from an unauthorized IP address. Commands permitted only to the primary Fibre Channel Switch (FCS) are executed on another switch. Secure switches with different version stamps have been detected. Monitors invalid certificates. Login violations which occur when a secure fabric detects a login failure. The switch has lost contact with the primary FCS. SCC violations which occur when an unauthorized switch tries to join a secure fabric. The WWN of the unauthorized switch appears in the ERRLOG. SLAP failures which occur when packets try to pass from a nonsecure switch to a secure fabric. Telnet violations which occur when a Telnet connection request reaches a secure switch from an unauthorized IP address. Time Server (TS) which occur when an out-of-synchronization error has been detected. Security monitoring setting guidelines Use the Security class default settings for area and notification configuration. There is no reason to alter the default settings. 44 Fabric Watch Administrator's Guide 53-1001770-01