Brocade FICON Administrator's Guide v7.1.0 (53-1002753-01, March 2013)

Access control in FICON
Error reporting
Non-implicit (such as Fabric OS recognized or bit error rate threshold exceeded) and implicit (FRU
failure) link incidents are reported to registered listeners on the local switch. The RMF 74-7 record
(FICON Director Activity Report, which is the same RMF Record containing the average frame
pacing delay information) reports port errors, which in turn are also reported back to the
mainframe host management consoles.
Secure access control
Binding is a method used to prevent devices from attaching to the switch or Backbone. Secure
Access Control List (ACL) provides the following fabric, switch, and port binding features:

• Fabric binding is a security method for restricting switches within a multiple-switch fabric.
  Brocade recommends using fabric binding for cascaded FICON. SCC ACL with strict fabric-wide
  consistency is required for FICON fabric binding.

• Switch binding is a security method for restricting devices that connect to a particular switch or
  Backbone. If the device is another switch, this is handled by the SCC policy. If the device is a
  host or storage device, the device connection control (DCC) policy binds those devices to a
  particular switch. Policies range from completely restrictive to reasonably flexible, based upon
  customer needs. SCC ACL with strict fabric-wide consistency is necessary for FICON switch
  binding.

• Port binding is a security method for restricting host or storage devices that connect to
  particular switch ports. The DCC policy also binds device ports to switch ports. Policies range
  from completely restrictive to reasonably flexible, based on customer needs.

Figure 8 on page 11 demonstrates the three types of binding you can use depending on the
security requirements of your fabric.
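
The following added example (not from the Brocade guide, and not Fabric OS code) models the three binding checks in Python for auditing or teaching purposes. The WWNs, port numbers, data layout and the default-deny ("completely restrictive") behaviour are constructed assumptions.

```python
# Simplified model of SCC/DCC binding; all WWNs and ports are constructed samples.

def normalize(wwn):
    """Canonical lower-case form so WWN comparisons are exact."""
    return wwn.strip().lower()

def scc_drift(scc_by_switch):
    """Fabric binding audit. With strict fabric-wide consistency every switch
    holds the same SCC list, and that list names every fabric member.
    The first switch's list is taken as the reference (assumption)."""
    lists = {normalize(sw): frozenset(normalize(w) for w in scc)
             for sw, scc in scc_by_switch.items()}
    reference = next(iter(lists.values()))
    problems = {}
    for sw, scc in lists.items():
        if scc != reference:
            problems[sw] = "SCC list differs from reference"
        elif not set(lists) <= scc:
            problems[sw] = "fabric member absent from SCC list"
    return problems

def admit_device(dcc, device, switch, port):
    """Switch and port binding decision for a host or storage login.
    dcc maps device WWN -> {switch WWN: set of ports, or None for any port}.
    None models switch binding; a port set models port binding."""
    policy = {normalize(d): {normalize(s): p for s, p in bound.items()}
              for d, bound in dcc.items()}
    bound = policy.get(normalize(device))
    if bound is None:
        return False, "device not in DCC policy"
    if normalize(switch) not in bound:
        return False, "device bound to a different switch"
    ports = bound[normalize(switch)]
    if ports is not None and port not in ports:
        return False, "device bound to a different port"
    return True, "permitted"

# Constructed sample fabric: two cascaded switches, one host, one storage port.
SW_A = "10:00:00:00:00:00:00:0a"
SW_B = "10:00:00:00:00:00:00:0b"
HOST = "50:00:00:00:00:00:00:01"
STORAGE = "50:00:00:00:00:00:00:02"
FABRIC_SCC = {SW_A: [SW_A, SW_B], SW_B: [SW_A, SW_B]}
DCC = {HOST: {SW_A: {4}},        # port binding: host only on SW_A port 4
       STORAGE: {SW_B: None}}    # switch binding: storage on any SW_B port
```
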