Port security, Figure 30 port binding dialog box, Device security – HP H-series Enterprise Fabric Management Suite Software User Manual

Page 66: 30 port binding dialog box

Advertising
background image

66

Managing Fabric Security

Port security

Port binding ties a specific device WWN to a physical port number. Using the Port Binding dialog box,

you can enable/disable port binding for the port and add WWNs to the list of WWNs bound to the port.

The dialog box displays the port binding data received from the switch for the selected port.
To bind a WWN to a port:

1.

Select a switch in the fabric tree.

2.

Select a port, and select Port > Port Binding to open the Port Binding dialog box (

Figure 30

).

3.

Select a WWN in the WWN field, and click Add to place the WWN into the WWN List. You can

specify a maximum of 32 WWNs. To remove a WWN from the list, select the WWN, and click

Remove.

4.

To enable port binding for the list of WWNs, check the Port Binding checkbox, and click OK.

NOTE:

Enabling port binding for an empty WWN list will isolate the port.

Figure 30

Port Binding dialog box

Device security

Device security provides for the authorization and authentication of devices that you attach to a switch. You

can configure a switch with a group of devices against which the switch authorizes new attachments by

devices, other switches, or devices issuing management server commands.
Device security is configured through the use of security sets and groups. A group is a list of device World

Wide Names that are authorized to attach to a switch. There are three types of groups: one for other

switches (ISL), another for devices (Port), and a third for devices issuing management server commands

(MS).
A security set is a set of up to three groups with no more than one of each group type. The orphan security

set contains the security groups and members that do not belong to a security set. Activating a security set

applies security to the switch or fabric. Only one security set can be active at one time.
An active security set with an ISL group allows changes to the security set to propagate to the other

switches in the ISL group. ISL group WWN, domain ID, and configuration information (except secrets)

propagate to the other switches in the ISL group so that all of the switches have the same security

information. If fabric binding is enabled on the ISL group, WWNs and domain IDs are verified against the

ISL group information before allowing a connection by another switch, providing another level of security.

Advertising
This manual is related to the following products:

H-series Enterprise Fabric Management Suite Software Licenses, 8.20q Fibre Channel Switch, SN6000 Fibre Channel Switch

Popular Brands
Popular manuals