Sun Microsystems 5802 用户手册

86

Enterprise Fabric Suite 2007 User Guide • September 2008

security database for the entire fabric resides on the server. In this way, the security 
database can be managed centrally, rather than on each switch. You can configure 
up to five RADIUS servers to provide failover.

You can configure the RADIUS server to authenticate just the switch or both the 
switch and the initiator device if the device supports authentication. When using a 
RADIUS server, every switch in the fabric must have a network connection. A 
RADIUS server can also be configured to authenticate user accounts.

Consider the devices, switches, and management agents and evaluate the need for 
authorization and authentication. Also consider whether the security database is to 
distributed on the switches or centralized on a RADIUS server and how many 
servers to configure.

Managing device security involves the following tasks:

■

Creating security sets, groups, and members

■

Editing a security configuration on a switch

■

Viewing properties of a security set, group, or member

■

Archiving a security configuration on a switch to a file

■

Activating and deactivating a security set

The security database is made up of all security sets on the switch. The security 
database has the following limits: 

■

Maximum number of security sets is 4.

■

Maximum number of security groups is 16.

■

Maximum number of members in a group is 1000.

■

Maximum total number of group members is 1000.

Managing Device Security

Device security consists of the following tasks:

■

■

■