HP StorageWorks 2/140 FW 07.01.02/HAFM SW 08.06.00 HP StorageWorks HA-Fabric M - Page 16

Zone FlexPar feature, Enhanced SANtegrity Security Suite, CHAP Authentication for HAFM/SWAPI

Get HP StorageWorks 2/140 - Director Switch PDF manuals and user guides View all HP StorageWorks 2/140 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 16 highlights

Zone FlexPar feature Because zoning is managed on a fabric-wide basis, all switches and directors in the fabric must maintain the same zoning configuration. This configuration is maintained automatically through the Fibre Channel protocol. To keep this information current, RSCN messages are sent through the fabric to inform attached devices when zoning changes occur, when devices become available, or when devices become unavailable. In the case where devices become available or unavailable, RSCNs are sent only to the devices in the same zone. Zoning changes, however, trigger RSCNs to be sent to all of the devices in the fabric. As fabrics grow larger and larger, the quantity of RSCNs from zoning changes can create congestion and disrupt devices, causing them to pause normal activity to determine the status of the other devices. This can occur even if the new device is not zoned to talk to the other devices in the fabric. With the Zone FlexPar feature enabled, RSCN messages for a zoning change are handled like RSCNs for availability/unavailability changes. Specifically, RSCNs are restricted to only those devices sharing at least one common zone with the device that changed. This way, only devices that are impacted by the change in connectivity receive RSCNs. The Zone FlexPar feature is available in both Open Fabric 1.0 and Homogeneous Fabric 1.0 Interop modes, as well as in environments with loop-attached devices. In Homogeneous Fabric 1.0 mode, the default zone is treated like any other zone, and RSCNs are sent only to the affected devices if the default zone is enabled or disabled. A PFE key is not required for the Zone FlexPar feature, and it can be enabled or disabled through CLI for a specific switch. When upgrading to firmware 07.01.02-4 or installing a new switch with firmware 07.01.02-4 the feature is enabled by default, allowing it to work immediately. If the Zone FlexPar feature is not enabled on all switches in the fabric, the restricted RSCN distribution only applies for devices attached to switches with the feature enabled. Enhanced SANtegrity Security Suite SANtegrity Security Suite enhanced features include authentication support for device login, interswitch connections and management interfaces. The Secure Access features are included as a standard part of the SANtegrity Security Suite in firmware 07.01.02-4. Standard features The following SANtegrity features do not require a license or SANtegrity Binding. • CHAP Authentication for HAFM/SWAPI-This provides authentication of connections from the HAFM appliance service processor and SWAPI Direct Connect. This ensures that requested HAFM management sessions or SWAPI Direct Connect sessions are from a trusted source. • Encryption of Passwords and Secrets Shared with HAFM-All secrets and password information are passed in encrypted format for greater security. 14

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
Zone FlexPar feature
Because zoning is managed on a fabric-wide basis, all switches and directors in the
fabric must maintain the same zoning con
guration. This con
guration is maintained
automatically through the Fibre Channel protocol.
To keep this information current, RSCN messages are sent through the fabric to inform
attached devices when zoning changes occur, when devices become available, or
when devices become unavailable. In the case where devices become available or
unavailable, RSCNs are sent only to the devices in the same zone. Zoning changes,
however, trigger RSCNs to be sent to all of the devices in the fabric. As fabrics grow
larger and larger, the quantity of RSCNs from zoning changes can create congestion
and disrupt devices, causing them to pause normal activity to determine the status of
the other devices. This can occur even if the new device is not zoned to talk to the
other devices in the fabric.
With the Zone FlexPar feature enabled, RSCN messages for a zoning change are
handled like RSCNs for availability/unavailability changes. Speci
cally, RSCNs are
restricted to only those devices sharing at least one common zone with the device that
changed. This way, only devices that are impacted by the change in connectivity
receive RSCNs.
The Zone FlexPar feature is available in both Open Fabric 1.0 and Homogeneous
Fabric 1.0 Interop modes, as well as in environments with loop-attached devices. In
Homogeneous Fabric 1.0 mode, the default zone is treated like any other zone, and
RSCNs are sent only to the affected devices if the default zone is enabled or disabled. A
PFE key is not required for the Zone FlexPar feature, and it can be enabled or disabled
through CLI for a speci
c switch. When upgrading to
rmware 07.01.02–4 or installing
a new switch with
rmware 07.01.02–4 the feature is enabled by default, allowing it
to work immediately. If the Zone FlexPar feature is not enabled on all switches in the
fabric, the restricted RSCN distribution only applies for devices attached to switches
with the feature enabled.
Enhanced SANtegrity Security Suite
SANtegrity Security Suite enhanced features include authentication support for device
login, interswitch connections and management interfaces. The Secure Access features
are included as a standard part of the SANtegrity Security Suite in
rmware 07.01.02–4.
Standard features
The following SANtegrity features do not require a license or SANtegrity Binding.
CHAP Authentication for HAFM/SWAPI
—This provides authentication of
connections from the HAFM appliance service processor and SWAPI Direct
Connect. This ensures that requested HAFM management sessions or SWAPI
Direct Connect sessions are from a trusted source.
Encryption of Passwords and Secrets Shared with HAFM
—All secrets and
password information are passed in encrypted format for greater security.
14