HP A7540-96010 manual Fabric security, Fabric management, User account security

Planning

Fabric security

Fabric security consists of the following:

■User account security

■Simple Network Management Protocol security

User account security

User account security consists of account names, passwords, expiration dates, and authority levels. If an account has Admin authority, all management tasks can be performed by that account in both Switch Manager and the CLI. Without Admin authority, only monitoring tasks are available. The default account name, Admin, is the only account that can create or change account names and passwords. Account names and passwords are required when connecting to a switch. Consider your management needs and determine the number of user accounts, their authority needs, and expiration dates.

Simple Network Management Protocol security

SNMP is the protocol governing network management and monitoring of network devices, and is enabled by default. SNMP security consists of a read community string and a write community string, which are the passwords that control read and write access to the switch. The read community string ("public") and write community string ("private") are set at the factory to these well-known defaults and should be changed. If the read and write community strings have not been changed from their defaults, you risk unwanted access to the switch.

Fabric management

Switch Manager and the CLI execute on a management workstation that provides for the advanced configuration, control, and maintenance of the fabric. Supported platforms include Windows and Linux. Consider how many fabrics will be managed, how many management workstations are needed, and whether the fabrics will be managed with the CLI or Switch Manager.

A switch supports a combined maximum of 19 logins reserved as follows:

■4 logins or sessions for internal applications such as management server and SNMP

■9 high priority Telnet sessions

■6 logins or sessions for Switch Manager logins and Telnet logins. Additional logins are refused.

See “Management System Requirements” on page 63 for connection information and refer to the HP StorageWorks 2/8q Fibre Channel Switch Management User Guide for information about using these management tools.