Section 3

Managing Fabrics

This section describes the following tasks that manage fabrics:

Security

Managing the fabric database

Displaying fabric information

Zoning a fabric

3.1

Security

The two components of SANbox2 security are user authentication and fabric security. The user must be authenticated before gaining access to a switch. If an invalid account name/password combination is entered, that user can not access the switch, and thus can not gain access to the fabric. If security is enabled (on) and a valid account name/password combination is entered, that user can access the switch but can not execute any command that exceeds their authority (privileges) level. If security is disabled (off) and a valid account name/password combination is entered, that user has access to all switches in the fabric and can execute all commands (both user and admin), regardless of their authority (privileges) level.

3.1.1

User Authentication

User authentication pertains to accessing a switch based on a valid account name/password combination entered by the user. The valid account name/password/system privileges combinations are set up by the system administrator, and define which set of system commands each user may execute if a valid account name/password combination is entered. The system privileges are tied to the account name/password combination.

3.1.2

Fabric Security

Fabric security pertains to whether all switches in the fabric are configured to permit access to each switch in that fabric. All switches in the fabric should be configured with the same security setting (enabled/true or disabled/false). By default, security is disabled. Once access is gained to the entry switch in a fabric, that user may access all switches in that fabric.

59022-03 D

3-1

Page 33
Image 33
Q-Logic 59022-03 D manual User Authentication, Fabric Security