The Zone FlexPar feature is available in both Open Fabric 1.0 and Homogeneous Fabric 1.0 Interop modes, as well as in environments with loop-attached devices. In Homogeneous Fabric 1.0 mode, the default zone is treated like any other zone, and RSCNs are sent only to the affected devices if the default zone is enabled or disabled. A PFE key is not required for the Zone FlexPar feature, and it can be enabled or disabled through CLI for a specific switch. When upgrading to firmware 07.01.02-4 or installing
anew switch with firmware 07.01.02-4 the feature is enabled by default, allowing it to work immediately. If the Zone FlexPar feature is not enabled on all switches in the fabric, the restricted RSCN distribution only applies for devices attached to switches with the feature enabled.
Enhanced SANtegrity Security Suite
SANtegrity Security Suite enhanced features include authentication support for device login, interswitch connections and management interfaces. The Secure Access features are included as a standard part of the SANtegrity Security Suite in firmware 07.01.02–4.
Standard features
The following SANtegrity features do not require a license or SANtegrity Binding.
•CHAP Authentication for HAFM/SWAPI—This provides authentication of connections from the HAFM appliance service processor and SWAPI Direct Connect. This ensures that requested HAFM management sessions or SWAPI Direct Connect sessions are from a trusted source.
•Encryption of Passwords and Secrets Shared with HAFM—All secrets and password information are passed in encrypted format for greater security. This prevents “snooping” of Ethernet connection to capture user login and authentication secret information.
•RADIUS Server Support—This provides support for IETF RADIUS (Remote Authentication Dial In User Service) protocol for password authentication. Firmware 07.01.02-4 allows users to configure settings for using a RADIUS server. RADIUS provides centralized authentication services for multiple devices on a network. This means that several switches can be configured to use a single RADIUS server.
•Prompted Change of EWS and CLI Passwords from Default—This prompts users to modify the password settings for both the CLI and EWS interfaces the first time they log in using either of these interfaces.
•RBAC Phase I: Enhanced User Rights Configuration—RBAC is role based access control. This is the first phase of more comprehensive role-based access control planned for the CLI and EWS interfaces. Multiple users can now be configured for EWS or CLI, or both, through either interface. This allows users to configure additional user name/password combinations.
•SSH for CLI—Secure Shell (SSH) provides an encrypted connection, as an alternative to Telnet, to secure CLI access to switches and directors.