Q-Logic 16-Feb Manual Do Utilizador
3 – Planning
Security
59021-06 A
3-11
D
3.6
Security
Security is available in the form of user authentication, inter-switch security, and
inband management. User authentication validates user accounts for both Telnet
and SANbox Manager sessions. A user account consists of an account name, a
password, an authority level, and an expiration date. If an account has Admin
authority, all management tasks can be performed by that account in both
SANbox Manager and the Telnet command line interface. Otherwise only
monitoring tasks are available. Consider your management needs and determine
the number of user accounts, their authority needs, and expiration dates.
inband management. User authentication validates user accounts for both Telnet
and SANbox Manager sessions. A user account consists of an account name, a
password, an authority level, and an expiration date. If an account has Admin
authority, all management tasks can be performed by that account in both
SANbox Manager and the Telnet command line interface. Otherwise only
monitoring tasks are available. Consider your management needs and determine
the number of user accounts, their authority needs, and expiration dates.
Account names and passwords are required only if fabric security is enabled.
Fabric security is controlled by the SecurityEnabled parameter which is set by the
Set Setup System command. Fabric security must be configured the same for all
switches in the fabric. Refer to the
Fabric security is controlled by the SecurityEnabled parameter which is set by the
Set Setup System command. Fabric security must be configured the same for all
switches in the fabric. Refer to the
information. Switches come from the factory with fabric security disabled.
Consider your user accounts and determine whether user authentication is
necessary.
Consider your user accounts and determine whether user authentication is
necessary.
Inter-switch link security controls whether connections are permitted with other
switches. You can configure a SANbox2-16 switch to connect with FC-SW-2
compliant switches only, SANbox2 switches only, or to reject all connections
regardless of switch type. Refer to the
switches. You can configure a SANbox2-16 switch to connect with FC-SW-2
compliant switches only, SANbox2 switches only, or to reject all connections
regardless of switch type. Refer to the
more ISL security information and a Set Config Port example. Consider the types
of switches in your fabric and where connections are needed.
of switches in your fabric and where connections are needed.
Inband management is the ability to manage switches across inter-switch links
using SANbox Manager, SNMP, IPFC, management server, or the application
programming interface. The switch comes from the factory with inband
management enabled. If you disable inband management on a particular switch,
you can no longer communicate with that switch by means other than a direct
Ethernet or serial connection. Consider how you want to manage the fabric and
what switches you do not want managed through another switch.
using SANbox Manager, SNMP, IPFC, management server, or the application
programming interface. The switch comes from the factory with inband
management enabled. If you disable inband management on a particular switch,
you can no longer communicate with that switch by means other than a direct
Ethernet or serial connection. Consider how you want to manage the fabric and
what switches you do not want managed through another switch.