User Authentication, Fabric Security | Q-Logic 59022-03 D specs

Section 3

Managing Fabrics

This section describes the following tasks that manage fabrics:

■Security

■Managing the fabric database

■Displaying fabric information

■Zoning a fabric

3.1

Security

The two components of SANbox2 security are user authentication and fabric security. The user must be authenticated before gaining access to a switch. If an invalid account name/password combination is entered, that user can not access the switch, and thus can not gain access to the fabric. If security is enabled (on) and a valid account name/password combination is entered, that user can access the switch but can not execute any command that exceeds their authority (privileges) level. If security is disabled (off) and a valid account name/password combination is entered, that user has access to all switches in the fabric and can execute all commands (both user and admin), regardless of their authority (privileges) level.

3.1.1

User Authentication

User authentication pertains to accessing a switch based on a valid account name/password combination entered by the user. The valid account name/password/system privileges combinations are set up by the system administrator, and define which set of system commands each user may execute if a valid account name/password combination is entered. The system privileges are tied to the account name/password combination.

3.1.2

Fabric Security

Fabric security pertains to whether all switches in the fabric are configured to permit access to each switch in that fabric. All switches in the fabric should be configured with the same security setting (enabled/true or disabled/false). By default, security is disabled. Once access is gained to the entry switch in a fabric, that user may access all switches in that fabric.

59022-03 D

3-1

Image 33

Q-Logic 59022-03 D manual User Authentication, Fabric Security

Contents

SANbox2 Switch Management User’s Guide Document Revision History SANbox2 Switch Management User’s Guide Table of Contents 11.2 Section Managing Fabrics Section Managing Switches Section Managing Ports Appendix a Command Line Interface Glossary Index Tables Figures Port Statistics Data Window Entries SANbox2 Switch Management User’s Guide 59022-03 D Related Materials Intended Audience Availability Technical SupportTraining Contact Information Management Workstation Requirements Installing SANbox Manager For Windows For Linux Press the Enter key Enter the following command For Solaris SANbox Manager Window Starting SANbox Manager Load Default Fabric View File Window Save Current Fabric View Window Exiting SANbox Manager Changing Default File Password Uninstalling SANbox Manager Preferences Window Setting Preferences Viewing Software Version and Copyright Information Using Online Help SANbox Manager User Interface Topology DisplayFaceplate Display Menu Bar Some menu selections have shortcut keys as shown in TableMenu Shortcut Keys Tool Bar buttons Tool Bar Fabric Tree Fabric Tree Working Status Indicator Graphic WindowData Window and Tabs Switch and Link Status Using the Topology Display Selecting Switches and Links Working with Switches and LinksMoving a Switch in the Display Opening the Faceplate Display and Popup Menus Topology Data Windows Using the Faceplate Display Port Views and Status Working with PortsSelecting Ports Faceplate Data Windows Opening Popup Menus User Authentication SecurityFabric Security Adding a Fabric Managing the Fabric Database Opening a Fabric View File Removing a FabricSaving a Fabric View File Rediscovering a Fabric Adding a New Switch to a Fabric Replacing a Failed Switch in a Fabric Deleting Switches and LinksDisplaying Fabric Information Fabric Status Topology Display Switch and Status Icons Switch communication interrupted Red Active Zone Set Data Window Active Zone Set Data Window Zoning Concepts Zoning a Fabric Soft Zones Zones Access Control List Hard Zones Virtual Private Fabric Hard ZonesAliases Zoning Database Zone Sets Zoning Configuration Merge Mode Default VisibilityAuto Save Restoring Default Zoning Using the Zoning Config Window Zone Merge Failure Recovery Merging Fabrics and ZoningZone Merge Failure Edit Zoning Window Using the Edit Zoning Window Edit Zoning Window Tool Bar Buttons Managing Zone Sets Activating and Deactivating a Zone Set Creating a Zone Set Copying a Zone to a Zone Set Removing a Zone from a Zone Set or from All Zone SetsRemoving a Zone Set Removing All Zoning Definitions Managing ZonesCreating a Zone in a Zone Set Adding Zone Members Removing a Zone Member Renaming a Zone or a Zone SetRemoving a Zone from a Zone Set Removing a Zone from All Zone Sets Changing Zone Types Managing AliasesCreating an Alias Removing an Alias from All Zones Adding a Member to an Alias Displaying Switch Information Managing Switches Faceplate Display Displaying Hardware Status Name Server Data Window Entries Name Server Data Window Switch Data Window Entries Switch Data Window Port Information Data Window Port Statistics Data Window Alarm Log Data Window Configured Zonesets Data Window Paging a Switch Exporting Alarm Log Information to a FileResetting a Switch Configuring a Switch Switch Administrative States Switch ConfigurationSwitch Administrative States Chassis Name Broadcast Support Domain ID Timeout Values Timeout Values Network Properties Window Network Configuration IP Configuration Parameters IP Configuration Snmp Configuration Snmp Configuration ParametersRemote Logging Configuration Backup Snmp Trap ConfigurationConfiguration Restore Snmp Trap Configuration Parameters Archiving a Switch Reinitializing the Configuration File System Loading Firmware Restoring a Switch Factory Default Configuration Settings Restoring the Factory Default ConfigurationPage Displaying Port Information Managing Ports Monitoring Port Status Displaying Port ModesPort Modes Displaying Port Speeds Displaying Port Operational StatesPort Operational States Port Speeds Displaying Tranceiver Media Status Transceiver Media ViewPort Statistics Data Window Entries Port Statistics Data Window Entries Port Statistics Data Window Entries Port Info Data Window Entries Port Properties Window Configuring Ports Changing Port Administrative States Port Administrative StatesChanging Port Speeds Changing Port Modes Changing Buffer-to-Buffer Credits Changing TL ModesStream Guard Extending Port Credits Extended Credits Window Testing Ports Resetting a Port Managing Ports Testing Ports Logging On to a Switch Command Line Interface Command Syntax Command syntax is as followsCommand keyword keyword value Table A-1. Commands Listed by Authority Level Commands Authority Admin Admin CommandCancel Keywords start Authority Admin Syntax alias Alias Command Rename aliasold aliasnew Remove alias members Syntax config Config CommandKeywords activate config Edit config Save config Date Command Authority Admin Syntax dateKeywords MMDDhhmmCCYY Authority Fallback CommandSyntax Examples Help command keyword Help CommandCommand Keywords History Command UserHistory Authority Admin Syntax image cleanup Image CommandKeywords cleanup Unpack file Lip Command Lip portnumberPortnumber Admin Passwd CommandPasswd accountname Accountname Examples The following is an example of the Ps command Ps CommandAuthority User Syntax ps Displays current system process information Authority User Quit CommandCloses the Telnet session Syntax quit, exit, or logout Reset Command Authority Admin Syntax reset config factoryKeywords config Table A-3. Port Configuration Defaults Table A-2. Switch Configuration Defaults Table A-3. Port Configuration Defaults Table A-5. System Configuration Defaults Clears the log list of alarms Set Alarm Clear CommandSyntax set alarm clear Examples The following example clears the list of alarms Set Beacon Command Set beacon stateState Set config Set Config CommandTable A-6. Set Config Port Parameters Port portnumber Use Arbff instead of idles on loop Table A-7. Set Config Switch Parameters With formatting and current values will follow Table A-8. Set Config Zoning Parameters Mfstov Following is an example of the Set Config Switch command Following is an example of the Set Config Zoning command Set log Set Log CommandArchive Clear Level level Port portsSave Log Stop command StartStop Set Port Command Set setup Set Setup CommandTable A-9. Snmp Configuration Settings Snmp System Table A-10. System Configuration Settings Contact Following is an example of the Set Setup System command Set switch Set Switch Command Keywords about Show Command Log option Perf optionTable A-11. Show Port Parameters LIP Alpd Alps Steering domainid Setup optionTopology Users Following is an example of the Show Fabric command Following is an example of the Show Domains command Following is an example of the Show Topology command Following is an example of the Show Setup Snmp command NL 20000020372b05c9 NL 20000020372b095e NL 20000020372b0920 LIPF8F7 Following is an example of the Show Port command Following is an example of the Show Switch command Show config Show Config CommandDisplays configuration parameters for the switch Displays zoning configuration parameters for the switch Following is an example of the Show Config Zoning command Following is an example of the Show Config Switch command Keywords component Show Log Command Following is an example of the Show Log command Following is an example of the Show Log Options command Displays performance data for all ports Show Perf CommandSyntax show perf Keywords byte bytes/sec Displays the current Snmp and system settings Show Setup CommandShow setup Displays the current Snmp settings Following is an example of the Show Setup System command Syntax shutdown Shutdown Command Test Command Syntax test portnumber testtype Keywords portnumberTesttype Set port x state online Uptime Command Examples The following is an example of the Uptime commandAuthority User Syntax uptime Accounts User CommandAdd Delete accountname Following is an example of the User List command Following is an example of the User Delete command Whoami Command Examples The following is an example of the Whoami commandAuthority User Syntax whoami Syntax zone Zone Command Remove zone members Members zoneRename zoneold zonenew Type zone zonetype Following is an example of the Zone Zonesets command Following is an example of the Zone Members command Keywords active Zoneset Command Remove zoneset zonelist Rename zonesetold zonesetnewZones zoneset Zoning Command EditOpens a Zoning Edit session Following is an example of the Zoning List command Configured Zoning Information Command Line Interface Zoning Command 59022-03 D Class 2 Service BootPClass 3 Service Fabric Management Switch Output Power LED Input Power LEDOver Temperature LED Power On Self Test Post Small Form-Factor Pluggable Small Form FactorTarget Worldwide Name WWN SANbox2 Switch Management User’s Guide 59022-03 D Glossary-4 Index Index-2 59022-03 D 59022-03 D Index-3 Index-4 59022-03 D