Manualshelf

McDATA® 4Gb SAN Switch for HP p-Class BladeSystem Command Line Interface Guide (AA-RWEJA-TE, November 2006)

ManualsBrandsHP ManualsStorageMcDATA 4Gb SAN Switch
71727374757677787980
McDATA® 4Gb SAN Switch for HP p-Class BladeSystem command line interface guide 73
8Device security configuration
IMPORTANT: Device security is available only with the McDATA SANtegrity PFE key. See ”Managing
switch feature upgrades” on page 44 for more information about installing a PFE key. To obtain the
McDATA 4Gb SAN Switch serial number and PFE key, follow the step-by-step instructions on the firmware
feature entitlement request certificate for the PFE key. You can obtain a PFE key from the web at:
www.webkey.external.hp.com
.
This section describes the following tasks:
Displaying security database information, page 73
Configuring the security database, page 78
Modifying the security database, page 79
Resetting the security database, page 79
Managing security sets, page 80
Managing groups, page 81
Device security provides for the authorization and authentication of devices that you attach to a switch. You
can configure a switch with a group of devices against which the switch authorizes new attachments by
devices, other switches, or devices issuing management server commands.
Device security is defined through the use of security sets and groups. A group is a list of device WWNs
that are authorized to attach to a switch. There are three types of groups: one for other switches (ISL),
another for devices (port), and a third for devices issuing management server commands (MS). A security
set is a set of up to three groups with no more than one of each group type. The security database is made
up of all security sets on the switch.
In addition to authorization, the switch can be configured to require authentication to validate the identity
of the connecting switch, device, or host. Authentication can be performed locally using the switch’s
security database, or remotely using a Remote Dial-In User Service (RADIUS) server such as Microsoft®
RADIUS.
Displaying security database information
You can display the following information about the security database:
Configured security set information, page 74
Active security set information, page 75
Security set membership information, page 76
Group membership information, page 76
Security database modification history, page 77
Security database limits, page 77