HP StorageWorks 2/140 fw 05.01.00 and sw 07.01.00 ha-fabric manager user guide - Page 132

Fabric Zoning Controlling Access Across a Fabric The fabric zoning feature enables you to partition devices attached to managed Fibre Channel products into groups called zones. A zone contains devices that can access one another through port-to-port connections. Devices in the same zone can recognize and communicate with one another; devices in different zones cannot. System administrators create zones to increase security measures and prevent data loss or corruption by controlling access between devices (such as servers and data storage units), or between separate user groups (such as engineering or human resources). Zoning allows an administrator to: ■ Establish barriers between devices that use different operating systems. For example, it is often critical to separate servers and storage devices with different operating systems because accidental transfer of information from one to another can delete or corrupt data. Zoning prevents this accidental transfer of information by grouping devices that use the same operating systems into zones. ■ Create logical subsets of closed user groups. Administrators can authorize access rights to specific zones for specific user groups, thereby protecting confidential data from unauthorized access. ■ Create groups of devices that are separate from devices in the rest of a fabric. Zoning allows certain processes (such as maintenance or testing) to be performed on devices in one group without interrupting devices in other groups. ■ Allow temporary access between devices for specific purposes. Administrators can remove zoning restrictions temporarily (for example, to perform nightly data backup), then restore zoning restrictions to return to normal processes. 132 High Availability Fabric Manager User Guide