Authentication Overview

Chapter 1 Before Configuring SN 5428-2 Storage Router Software

Authentication Overview

Assignment of a secondary interface per FCIP instance—allows the same IP address to be assigned to each Gigabit Ethernet interface configured for an FCIP instance; one interface is assigned as primary and one interface is assigned as secondary. If the primary interface loses connection to the network and remains down for two seconds, the IP address moves to the secondary Gigabit Ethernet interface, which then becomes active.

Assignment as a management IP address—allows each Gigabit Ethernet interface to have one IP address assigned per logical interface, as a management interface. This IP address is in addition to any multiple IP address(es) per SCSI routing instance or FCIP instance assigned.

Assignment of a secondary management IP address—allows the same IP address to be assigned to each Gigabit Ethernet interface configured as a management interface; one interface is assigned as primary and one interface is assigned as secondary. If connection to the primary Gigabit Ethernet maintenance interface is lost and if the secondary maintenance interface connection is assigned and connected, the IP address moves to the secondary Gigabit Ethernet interface, which then allows management access.

Authentication Overview

Authentication is a software service that is available in each SN 5428-2. It provides a method of identifying users (including login and password dialog, challenge and response, and messaging support) prior to receiving access to the requested object, function, or network service. The SN 5428-2 supports three types of authentication:

iSCSI authentication—provides an authentication mechanism to authenticate IP hosts that request access to storage. An IP host, acting as an iSCSI initiator, can also verify the identity of an iSCSI target assigned to a SCSI routing instance, which responds to the request, resulting in a two-way authentication.

Enable authentication—provides a mechanism to authenticate users requesting Administrator mode access to an SN 5428-2 management session via the CLI enable command or an FTP session.

Login authentication—provides a mechanism to authenticate users requesting access to the SN 5428-2 in Monitor mode via the login process from a Telnet session, SSH session or the SN 5428-2 console.

Authentication is provided by an AAA (authentication, authorization, and accounting) subsystem configured in each SN 5428-2. AAA is Cisco’s architectural framework for configuring a set of three independent security functions in a consistent and modular manner: authentication, authorization, and accounting. The SN 5428-2 Storage Router software implements the authentication function.

AAAauthentication is configured by defining a list of authentication services. iSCSI authentication, which uses a AAA authentication services list, can be enabled for specific SCSI routing instances in an SN 5428-2.

When iSCSI authentication is enabled, IP hosts (with iSCSI drivers) must provide user name and password information each time an iSCSI TCP connection is established. With two-way authentication, the SCSI routing instance to which an iSCSI target has been assigned responds to the authentication request with an assigned username and password. iSCSI authentication uses the iSCSI CHAP (Challenge Handshake Authentication Protocol) authentication method.

See Chapter 9, “Configuring Authentication,” for more information about configuring authentication services.

Cisco SN 5428-2 Storage Router Software Configuration Guide

1-24

OL-4691-01

 

 

Page 23 Page 25
Page 24
Image 24
Cisco Systems SN 5428-2 manual Authentication Overview, 1-24
Page 23 Page 25

SN 5428-2 specifications

Cisco Systems SN 5428-2 is a highly versatile and advanced network storage solution designed to meet the demands of data center environments. This robust storage appliance integrates cutting-edge technologies to provide high performance, reliability, and scalability, making it an ideal choice for organizations looking to enhance their data management capabilities.

One of the main features of the SN 5428-2 is its high-density architecture, which allows for efficient utilization of space while providing ample storage capacity. The system supports multiple drive configurations, including HDDs and SSDs, enabling users to tailor their storage solutions based on performance needs and budget constraints. With a significant amount of raw capacity available, organizations can effortlessly handle large volumes of data and support intensive workloads.

The SN 5428-2 boasts advanced data protection technologies, ensuring that critical information is safeguarded against loss or corruption. Features like RAID support provide redundancy and fault tolerance, while snapshot and cloning capabilities offer quick recovery options in case of data breaches or system failures. Additionally, built-in encryption features help protect sensitive data both at rest and in transit.

The appliance incorporates state-of-the-art networking capabilities as well. With support for various network protocols, including iSCSI and Fibre Channel, the SN 5428-2 can seamlessly integrate into existing infrastructures. This adaptability allows for easy connection with different servers and storage systems, facilitating a more cohesive and efficient operational environment.

Furthermore, the SN 5428-2 is designed with scalability in mind. Organizations can start with a basic configuration and expand as their storage needs grow by adding additional drives or connecting more appliances. This flexibility ensures that businesses can continue to meet their evolving data demands without the need for complete system overhauls.

Management and monitoring of the SN 5428-2 are simplified through a user-friendly interface that provides real-time insights into system performance, capacity utilization, and health status. Administrators can easily configure and manage storage resources, making operational tasks more efficient.

In summary, Cisco Systems SN 5428-2 stands out in the realm of storage solutions by combining high density, robust data protection, advanced networking capabilities, and remarkable scalability. Its thoughtful design and features make it an essential tool for organizations looking to enhance their data storage infrastructure and improve overall performance. With its reliable and efficient performance, the SN 5428-2 is well-suited for a wide array of data center applications.
Top Page Image Contents