Q-Logic 59096-04 Manuel D’Utilisation

3 – Planning

Fabric Security

3-18

59096-04  A

S

Authentication of the user account and password can be performed locally using 
the switch’s user account database or it can be done remotely using a RADIUS 
server such as Microsoft® RADIUS. Authenticating user logins on a RADIUS 
server requires a secure management connection to the switch. Refer to 

 for information about securing the 

management connection. A RADIUS server can also be used to authenticate 
devices and other switches as described in 

.

Consider your management needs and determine the number of user accounts, 
their authority needs, and expiration dates. Also consider the advantages of 
centralizing user administration and authentication on a RADIUS server.

Port binding provides authorization for a list of up to 32 switch and device WWNs 
that are permitted to log in to a particular switch port. Switches or devices that are 
not among the 32 are refused access to the port. Consider what ports to secure 
and the set of switches and devices that are permitted to log in to those ports.

                                                                                           

If the same user account exists on a switch and its RADIUS server, 
that user can login with either password, but the authority and account 
expiration will always come from the switch database.