3 – Planning
Fabric Security
59096-02 C 3-23
A
5. Configure security on Switch_2. Create a security set (Security_Set_2) on
Switch_2.
a. Create a port group (Group_Port_2) in Security_Set_2. HBA_2 is the
only member because HBA_2 does not support authentication.
b. Create an ISL group (Group_ISL_2) in Security_Set_2 with Switch_1
and Switch_2 as members. This is a replication of the entries in ISL
group in the Switch_1 security database.
6. Save Security_Set_2 on Switch_2 and activate it.
3.7.2.3
Security Example: Host Authentication
Consider the fabric shown in Figure 3-9. In this fabric, only Switch_2 and
HBA_2/APP_2 support security, where APP_2 is a host application. The objective
is to secure the management server on Switch_2 from unauthorized access by an
HBA or an associated host application.
Port Group on Switch_2: Group_Port_2
HBA_2 Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: None
Binding: None
ISL Group on Switch_2: Group_ISL_2
Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: CHAP
Primary Hash: MD5
Primary Secret: 0123456789abcdef
Binding: None
Switch_2
Node WWN: 10:00:00:c0:dd:07:e3:4e
Authentication: CHAP
Primary Hash: MD5
Primary Secret: abcdefabcdef0123
Binding: None
To Next Page
Loading...
Need help?
General
