Host configuration policy managers – Brocade Network Advisor SAN User Manual v12.3.0 User Manual

Brocade Network Advisor SAN User Manual

1235

53-1003154-01

Policy monitor overview

31

•

Check for SSH (secure Telnet) configuration — This switch and router configuration policy
manager enables you to check each target to see if SSH is enabled for device data
transmission.

The preferred Management application product communication must be SSH for this check to
pass.

For Fabric OS products, verifies SSH access is enabled and telnet access is disabled through
the IP ACL active or applied policy rules. You should verify that the IP ACL active rules deny
telnet access to all.

For Fabric OS products, if the IPv6 interface is enabled, verifies both IPv4 and IPv6 through the
active IP ACL policy.

Rule Violation Fix — If the configuration policy manager report shows a violation, enable SSH
on the device. Disable Telnet settings on the device, if enabled.

•

Check for SNMPv3 (secure SNMP) configuration — This switch and router configuration policy
manager enables you to check each target to see if SNMPv3 is active for device data
transmission and SNMPv1 and SNMPv2 are not configured.

NOTE

For this check to pass, you must discover the products using SNMPv3 credentials.

Rule Violation Fix — If the configuration policy manager report shows a violation, configure
SNMPv3 on the device. Remove SNMPv1 and SNMPv2 settings on the device, if configured.

•

Check for MAPS actions enabled (SAN only) - This switch and router configuration policy
manager enables you to determine whether the chosen MAPS actions are enabled on the
selected switches.

Rule Violation Fix — If the configuration policy manager report shows a violation, the SAN
Administrator can use the MAPS Configuration dialog box (Monitor > Fabric Vision > MAPS >
Configure > Actions) to enable the required MAPS actions.

NOTE

For this check to pass, you must enable MAPS in the switches and discover Fabric OS switches
running Fabric OS 7.2.0 or later.

Host configuration policy managers

Host configuration policy managers enable you to set the following checks on host devices:

•

Check for multiple fabrics connections — This host configuration policy manager enables you to
determine if each host is connected to multiple fabrics to prevent a single point of failure.

Available hosts include both automatic hosts and manual hosts. Automatic hosts are those
hosts discovered through Host or VM Manager discovery. Manual hosts are those host
enclosures that are manually created through host port mapping in the fabric topology.

The Management application determines if the host has redundant connections to different
fabrics based on discovery type and connection knowledge that the Management application
collects; however, there is no guarantee that redundant paths exist to the same storage target.