HP StorageWorks 2/128 HP StorageWorks SAN Director 2/128 Fabric OS V4.2.x Rele - Page 17

Security: FCS list, Security: HTTP policy

Get HP StorageWorks 2/128 - SAN Director Switch PDF manuals and user guides View all HP StorageWorks 2/128 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 17 highlights

Important Notes Table 5: Fabric OS Area Information (Continued) Fabric OS Area Security: empty policies Security: error counter Security: fabric segment Security: FCS list Security: HTTP policy Security: invalid certificate Security: PKICERT utility, CSR syntax Description CAUTION: If Telnet, API, and serial port access policies are empty, the user will not be able to communicate with the switch. Workaround: Contact your switch provider for the recovery procedure. Telnet security errors that arrive in quick succession are recorded as a single violation by the telnet error counter. For example, a login error from a host whose IP address is 192.168.44.247 is logged as follows: Security violation: Login failure attempt via TELNET/SSH/RSH. IP Addr: 192.168.44.247 If another login violation occurs immediately, the message remains the same and only the error counter is incremented. When two secure fabrics are continuously joined and separated while the CPU is under heavy load, the fabric segments after approximately 30 cycles. Adding switches to the FCS list does not automatically join the switches in a secure fabric. Add the switches to the FCS list of the new switches and the target fabric. Reset the version stamp to 0 and either reset the E_Ports or perform a switch disable and enable for the switches to join. If HTTP_Policy is empty, you will not be able to log in and will receive a Page not found error. This is expected behavior for this policy. Web Tools and Fabric OS are not consistent in how they report switch certificate status. Web Tools reports a valid certificate with extra characters appended to it as invalid, whereas Fabric OS accepts the certificate and allows a secmodeenable command to complete successfully. Before using the PKICERT utility to prepare a certificate signing request (CSR), ensure that there are no spaces in the switch names of any switches in the fabric. The Web site that processes the CSRs and generates the digital certificates does not accept switch names containing spaces; CSRs that do not conform to this requirement are rejected. SAN Director 2/128 Fabric OS 4.2.x Release Notes 17

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
Important Notes
17
SAN Director 2/128 Fabric OS 4.2.x Release Notes
Security: empty
policies
CAUTION: If Telnet, API, and serial port access policies are empty, the user
will not be able to communicate with the switch.
Workaround:
Contact your switch provider for the recovery procedure.
Security: error counter
Telnet security errors that arrive in quick succession are recorded as a single
violation by the telnet error counter. For example, a login error from a host
whose IP address is 192.168.44.247 is logged as follows:
Security violation: Login failure attempt via
TELNET/SSH/RSH. IP Addr: 192.168.44.247
If another login violation occurs immediately, the message remains the
same and only the error counter is incremented.
Security: fabric
segment
When two secure fabrics are continuously joined and separated while the
CPU is under heavy load, the fabric segments after approximately 30
cycles.
Security: FCS list
Adding switches to the FCS list does not automatically join the switches in a
secure fabric. Add the switches to the FCS list of the new switches and the
target fabric. Reset the version stamp to 0 and either reset the E_Ports or
perform a switch disable and enable for the switches to join.
Security: HTTP policy
If HTTP_Policy is empty, you will not be able to log in and will receive a
Page not found
error. This is expected behavior for this policy.
Security: invalid
certificate
Web Tools and Fabric OS are not consistent in how they report switch
certificate status. Web Tools reports a valid certificate with extra characters
appended to it as invalid, whereas Fabric OS accepts the certificate and
allows a
secmodeenable
command to complete successfully.
Security: PKICERT
utility, CSR syntax
Before using the PKICERT utility to prepare a certificate signing request
(CSR), ensure that there are no spaces in the switch names of any switches
in the fabric. The Web site that processes the CSRs and generates the digital
certificates does not accept switch names containing spaces; CSRs that do
not conform to this requirement are rejected.
Table 5:
Fabric OS Area Information (Continued)
Fabric OS Area
Description