FW V06.XX/HAFM SW V08.02.00 HP StorageWorks SAN High Availability Planning Guide (AA-RS2DD-TE, July 2004)
Table Of Contents
- SAN HA Planning Guide
- Contents
- About this Guide
- Introduction to HP Fibre Channel Products
- Product Management
- Planning Considerations for Fibre Channel Topologies
- Fibre Channel Topologies
- Planning for Point-to-Point Connectivity
- Characteristics of Arbitrated Loop Operation
- Planning for Private Arbitrated Loop Connectivity
- Planning for Fabric-Attached Loop Connectivity
- Planning for Multi-Switch Fabric Support
- Fabric Topologies
- Planning a Fibre Channel Fabric Topology
- Fabric Topology Design Considerations
- FICON Cascading
- Physical Planning Considerations
- Port Connectivity and Fiber-Optic Cabling
- HAFM Appliance, LAN, and Remote Access Support
- Inband Management Access (Optional)
- Security Provisions
- Optional Features
- Configuration Planning Tasks
- Task 1: Prepare a Site Plan
- Task 2: Plan Fibre Channel Cable Routing
- Task 3: Consider Interoperability with Fabric Elements and End Devices
- Task 4: Plan Console Management Support
- Task 5: Plan Ethernet Access
- Task 6: Plan Network Addresses
- Task 7: Plan SNMP Support (Optional)
- Task 8: Plan E-Mail Notification (Optional)
- Task 9: Establish Product and HAFM Appliance Security Measures
- Task 10: Plan Phone Connections
- Task 11: Diagram the Planned Configuration
- Task 12: Assign Port Names and Nicknames
- Task 13: Complete the Planning Worksheet
- Task 14: Plan AC Power
- Task 15: Plan a Multi-Switch Fabric (Optional)
- Task 16: Plan Zone Sets for Multiple Products (Optional)
- Index
Physical Planning Considerations
148 SAN High Availability Planning Guide
The system administrator can also use the HAFM application to assign remote
workstation access to directors and switches. Remote sessions can be allowed for
anyone on a customer intranet, disallowed completely, or restricted to specific
workstations. Remote users must log in to the HAFM application with a user name
and password, just as when logging in to the local HAFM appliance. Passwords
are encrypted when sent across the network. By entering workstation IP addresses
at the HAFM application, administrators can allow access from all user
workstations or only from specific workstations.
For access through the Web server interface, the system administrator provides IP
addresses of products to authorized users, assigns access usernames, and controls
associated passwords.
SANtegrity Binding
SANtegrity Binding is a feature that enhances data security in large and complex
SANs that have numerous fabrics and devices provided by multiple original
equipment manufacturers (OEMs), SANs that intermix FCP and FICON
protocols, and FICON-cascaded high-integrity SANs. The feature allows or
prohibits director or switch attachment to fabrics (fabric binding) and Fibre
Channel device attachment to directors or switches (switch binding). The
SANtegrity binding feature includes:
■ Fabric binding — Using the fabric binding feature, an administrator allows
only specified directors or switches to attach to specified fabrics in a SAN.
This provides security from accidental fabric merges or potential fabric
disruption, particularly in environments that use patch panels for centralizing
fibers and physical connections. This feature is managed through the HAFM
Manager application.
Product Administrator The product administrator can make control and
configuration changes through the
Element Manager
application.
System Administrator The system administrator can make control and
configuration changes, define users and passwords, and
add or remove products through the
HAFM
application.
Maintenance The maintenance operator can perform product control
and configuration changes through the
Element Manager
application and perform diagnostics, maintenance
functions, firmware loads, and data collection.
Table 3: Types of User Rights
User Right Operator Access Allowed