3 – Planning Fabric Security

S

b.Create an ISL group (Group_ISL_1) in Security_Set_1 with Switch_1, Switch_2, HBA1, and JBOD as members. The Switch_1 secret must be shared with the Switch_2 security database.

ISL Group on Switch_1: Group_ISL_1

Switch_1

Switch_2

Node WWN: 10:00:00:c0:dd:07:e3:4c

Authentication: CHAP

Primary Hash: MD5

Primary Secret: 0123456789abcdef

Binding: None

Node WWN: 10:00:00:c0:dd:07:e3:4e

Authentication: CHAP

Primary Hash: MD5

Primary Secret: abcdefabcdef012

Binding: None

2.Configure security on HBA_1 using the appropriate management tool. Logins between the Switch_1 and HBA_1 will be challenged for their respective secrets. Therefore, the secrets for Switch_1 and HBA_1 that you configured on Switch_1 must also be configured on HBA_1.

3.Save and activate Security_Set_1 on Switch_1.

4.Create a security set (Security_Set_2) on Switch_2. Create an ISL group (Group_ISL_2) in Security_Set_2 with Switch_2 and Switch_1 as members.

ISL Group on Switch_2: Group_ISL_2

Switch_2

Switch_1

Node WWN: 10:00:00:c0:dd:07:e3:4e

Authentication: CHAP

Primary Hash: MD5

Primary Secret: 0123456789abcdef

Binding: None

Node WWN: 10:00:00:c0:dd:07:e3:4c

Authentication: CHAP

Primary Hash: MD5

Secret: abcdefabcdef012

Binding: None

5.Save and activate Security_Set_2 on Switch_2.

3-22

59096-04 A

Page 62
Image 62
Q-Logic 5000 manual ISL Group on Switch1 GroupISL1