When creating a mixed environment, place all FICON devices in one VSAN (other than the default VSAN)
and segregate the FCP switch ports in a separate VSAN (other than the default VSAN). This isolation ensures
proper communication for all connected devices.
Tip
Cisco MDS-Supported FICON Features
The Cisco MDS 9000 Family FICON features include:
• Flexibility and investment protection—The Cisco MDS 9000 Family shares common switching and
service modules across the Cisco MDS 9500 Series and the 9200 Series.
Refer to the Cisco MDS 9500 Series Hardware Installation Guide and the Cisco MDS 9200 Series
Hardware Installation Guide.
• High-availability FICON-enabled director—The Cisco MDS 9500 Series combines nondisruptive software
upgrades, stateful process restart and failover, and full redundancy of all major components for a new
standard in director-class availability. It supports up to 528 autosensing, 4/2/1-Gbps, 10-Gbps, FICON
or FCP ports in any combination in a single chassis. Refer to the Cisco MDS 9000 Family NX-OS High
Availability and Redundancy Configuration Guide.
• Infrastructure protection—Common software releases provide infrastructure protection across all Cisco
MDS 9000 platforms. Refer to the Cisco MDS 9000 Family NX-OS Software Upgrade and Downgrade
Guide
• VSAN technology—The Cisco MDS 9000 Family provides VSAN technology for hardware-enforced,
isolated environments within a single physical fabric for secure sharing of physical infrastructure and
enhanced FICON mixed support. See Configuring and Managing VSANs, on page 7
• Port-level configurations—There are BB_credits, beacon mode, and port security for each port. Refer
to the Cisco MDS 9000 Family NX-OS Interfaces Configuration Guide for information about
buffer-to-buffer credits, beacon LEDs, and trunking.
• Alias name configuration—Provides user-friendly aliases instead of the WWN for switches and attached
node devices. See
• Comprehensive security framework—The Cisco MDS 9000 Family supports RADIUS and TACACS+
authentication, Simple Network Management Protocol Version 3 (SNMPv3), role-based access control,
Secure Shell Protocol (SSH), Secure File Transfer Protocol (SFTP), VSANs, hardware-enforced zoning,
ACLs, fabric binding, Fibre Channel Security Protocol (FC-SP), LUN zoning, read-only zones, and
VSAN-based access control. Refer to the Cisco MDS 9000 Family NX-OS Security Configuration Guide
for information about RADIUS, TACACS+, FC-SP, and DHCHAP.
LUN zoning and read-only zones are not supported from Cisco MDS NX-OS
Release 5.x and later.
Note
• Traffic encryption—IPSec is supported over FCIP. You can encrypt FICON and Fibre Channel traffic
that is carried over FCIP. Refer to the Cisco MDS 9000 Family NX-OS Security Configuration Guide
• Local accounting log—View the local accounting log to locate FICON events. For more information
about MSCHAP authentication, and local AAA services, refer to the Cisco MDS 9000 Family NX-OS
Security Configuration Guide
Cisco MDS 9000 Series Fabric Configuration Guide, Release 8.x
249
Configuring FICON
Cisco MDS-Supported FICON Features