10 Brocade DCX 8510-4 Backbone Hardware Reference Manual
53-1002177-05
Security
1
SecurityThe following list highlights some of the key security features available for the Brocade DCX 8510-4
and for other Brocade enterprise-class products running Fabric OS 7.0.1 or later. For details,
contact your Brocade DCX 8510-4 supplier and refer to the Brocade White Paper, “The Growing
Need for Security in Storage Area Networks.”
•DH-CHAP
•SSHv2 (using AES, 3DES, RSA)
•HTTPS (using AES)
•SNPMv3
•FC-SP
•Secure RPC
•Secure file copy (SCP)
•Telnet disable
•Telne t tim eout
•IP filters (block listeners)
•Secure passwords (centralized control through RADIUS/CHAP)
•Multiple user accounts (MUAs). Up to 255.
•Role-based access controls (RBACs)
•Administrative domains/Virtual fabrics
•Boot PROM password reset
•Password hardening policies
•Up front login in Web Tools
•Login banner
•Monitoring of attempted security breaches (through audit logging)
•Monitoring of attempted security breaches (through Fabric Watch Security Class)
•Fibre Channel security policies: DCC and SCC
•Trusted Switch (FCS) for central security management
•Management access controls (SNMPv3, Telnet, FTP, serial port, front panel)
•Hardware-enforced zoning by WWN, domain/port ID, or both
•Default zoning
•RSCN suppression and aggregation
•Configurable RSCN suppression by port
•NTPv3 (to synchronize timestamps)
•Event auditing
•Change tracking
•Firmware change alerts in Fabric Manager
•Persistent por t disable
•Persistent domain ID
•E_Port disable