HP StorageWorks XP Remote Web Console Software User Manual
Page 48
2.
The host authenticates the connection-target host group of the array (authentication of host groups).
CAUTION:
Because host bus adapters currently do not support this function, this authentication phase
is not used in Fibre Channel environments.
3.
A target port of the array authenticates a Fibre Channel switch attempting to connect
(authentication of Fibre Channel switches).
The array performs user authentication by host groups. Therefore, host groups and hosts must have
their own user information for performing user authentication.
When a host attempts to connect to the array, the authentication of hosts phase starts. In this phase,
it is determined whether the host group requires authentication of the host. If the host group does not
require authentication of the host, the host connects to the array without authentication. If the host
group requires authentication of the host, authentication is performed for the host. When the host is
successfully authenticated, processing goes to the next phase.
After authentication of the host succeeds, if the host requires user authentication for the host group
that is connection target, the authentication of host groups phase starts. In this way, host groups and
hosts authenticate with each other, that is, mutual authentication. In the authentication of host groups
phase. if the host does not require user authentication for the host group, the host connects to the
array without authentication of the host group.
The following explains the settings required for user authentication. The settings for authentication of
host groups are needed only when performing mutual authentication.
•
Settings for authentication of hosts
• On the array:
Use XP LUN Configuration and Security Manager Software to specify whether authentication
of hosts on each host group is performed. On a host group that performs authentication, register
user information (group name, user name, and secret) of hosts allowed to connect to the host
group. A secret is a password used in CHAP authentication. When registering user information,
you can also enable or disable authentication on a host basis. For more information, see
abling and disabling authentication of hosts in host groups
and
Registering a host's user inform-
• On hosts:
Configure the operating system and Fibre Channel host bus adapter driver for authentication
by host groups with CHAP. You must specify the host's user name and secret used for CHAP.
For more information, see the documentation for the operating system and Fibre Channel host
bus adapter driver in your environment.
•
Settings for authentication of ports (required if performing mutual authentication)
• On the array:
Use XP LUN Configuration and Security Manager Software to specify each host group's user
information (user name and secret). For more information, see
Specifying a host group's user
information (when performing mutual authentication)
• On hosts:
Configure the operating system and Fibre Channel host bus adapter driver for authenticating
host groups with CHAP. You must specify the user name and secret of the host group that is
the connection target. For more information, see the documentation for the operating system
and Fibre Channel host bus adapter driver in your environment.
Overview of XP LUN Configuration and Security Manager Software
48