HP StorageWorks 2/8-EL HP StorageWorks Zoning V3.1.x/4.1.x User Guide (AA-RS26 - Page 69
Using Zoning to Administer Security
View all HP StorageWorks 2/8-EL manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 69 highlights
Using Zoning to Administer Security B Zones can be used to provide controlled access to fabric segments and to establish barriers between operating environments, such as to isolate systems with different uses or protect systems in a heterogeneous environment. For example, when Zoning is in secure mode, merge operations do not occur. HP Zoning is done on the primary Fabric Configuration Server (FCS). The primary FCS switch makes zoning changes and other security-related changes. The primary FCS switch also distributes zoning to all other switches in the secure fabric. All existing interfaces can be used to administer zoning. Zone management operations must be performed from the primary FCS switch using a zone management interface, such as telnet or Web Tools. A zoning database can be altered, provided you are connected to the primary FCS switch. When two secure fabrics join, the traditional zoning merge does not occur. Instead, a zoning database is downloaded from the primary FCS switch of the merged secure fabric. When E_ports are active between two switches, the name of the FCS server and a zoning policy set version identifier are exchanged between the switches. If the views of the two secure fabrics are the same, the fabric's primary FCS server downloads the zoning database and security policy sets to each switch in the fabric. If there is a view conflict, the E_ports are segmented as incompatible security data. Note: Secure Fabric OS requires the activation of an HP security license. As part of zoning architecture, the user will need to determine which of the two basic zoning architectures will work best for their fabric. With time and planning, the basic hard zone configuration will work for most sites. If a site has additional security needs, the user will need to add the additional layer of Secure Fabric OS to lock down the fabric, in addition to the standard zoning architecture. Zoning Version 3.1.x/4.1.x User Guide 69