Sun Microsystems 5802 Using RADIUS Servers

Chapter 4 Managing Fabric Security 95

5. Click the Save button to save the security configuration to a file.

6. In the File Password dialog, enter a password and click the Yes button to save the

file with a password and close the File Password dialog. Or, click the No button

to save the file without a password and close the File Password dialog.

Activating a Security Set

Only one security set can be active at one time. To activate a security set, do the

following:

1. On the faceplate display, open the Security menu and select Activate Security Set

to open the Activate Security Set dialog.

2. In the Activate Security Set dialog, select a security set from the drop-down list.

3. Click the Activate button to activate the security set.

Deactivating a Security Set

Only one security set can be active at one time. To deactivate an active security set,

do the following:

1. In the faceplate display, open the Security menu and select Deactivate Security

Set.

2. In the Deactivate dialog, click the Yes button to confirm that you want to

deactivate the active security set.

Using RADIUS Servers

Remote Authentication Dial In User Service (RADIUS) provides a method to

centralize the management of authentication passwords in larger networks. It has a

client/server model, where the server is the password repository and third party

authentication point and the clients are all of the managed devices. RADIUS can be

configured for devices and/or user accounts. The RADIUS server dialogs are

available only on a secure fabric connection (SSL) and on the entry switch (out of

band switch). Refer to “Connection Security” on page 80 and “Managing System

Services” on page 128 for more information.

RADIUS is designed to authenticate users and devices using a challenge/response

protocol. Basic implementations consist of a central RADIUS server containing a

database of authorized users as well as authentication information. A RADIUS client

wishing to verify the authenticity of a user issues a challenge to the user and collects

Contents

Main Please Recycle Contents Page Page Page Page Page Page Page Page Page Figures Page Page Page Tab le s Page Preface How This Document Is Organized Typographic Conventions Note do not display correctly, change the character encoding in your browser to Unicode UTF-8. Related Documentation Documentation, Support, Training, and Service Sun Welcomes Your Comments Page Using Enterprise Fabric Suite 2007 Workstation Requirements Installing Enterprise Fabric Suite 2007 Note Starting Enterprise Fabric Suite 2007 Note Page Exiting Enterprise Fabric Suite 2007 Page Uninstalling Enterprise Fabric Suite 2007 Changing the Encryption Key for the Default Fabric View File Saving and Opening Fabric View Files Setting Enterprise Fabric Suite 2007 Preferences Page Using Online Help Page Page Page Fabric Tree Note Graphic Window Data Window and Tabs Menus Topology Display Menu Faceplate Display Menu Page Menu Shortcut Keys Popup Menus Note Opening the Topology Popup Menus Opening the Faceplate Popup Menus Too l Ba r Using the Topology Display Note Working with Switches and Links Selecting Switches and Links Arranging Switches in the Topology Display Topology Data Windows Using the Faceplate Display Note Alerts Panel Note Port Views and Status Wor king wit h Por ts Selecting Ports Note Faceplate Data Windows Page Managing Fabrics Tracking Fabric Firmware and Software Ver si on s Saving a Version Snapshot Viewing and Comparing Version Snapshots Exporting Version Snapshots to a File Managing the Fabric Database Adding a Fabric Page Note Removing a Fabric Note Opening a Fabric View File Note Saving a Fabric View File Rediscovering a Fabric Deleting Switches and Links Adding a New Switch to a Fabric Replacing a Failed Switch Caution Displaying Fabric Information Link and Stack Link Data Windows Devices Data Window Displaying Fabric Status Note Displaying the Event Browser Page Note Filtering the Event Browser Sorting the Event Browser Note Saving the Event Browser to a File Verifying Fibre Channel Connections FC Ping Dialog Note FC TraceRoute Dialog Note Working with Device Information and Nicknames Displaying Detailed Device Information Note Exporting Device Information to a File Managing Nicknames for Fabric Devices Note Creating a Nickname Editing a Nickname Deleting a Nickname Exporting Nicknames to a File Importing a Nicknames File Enabling Fabric Services Enabling SNMP Configuration Enabling In-band Management Page Managing Fabric Zoning Zoning Concepts Zones Aliases Zone Sets Note Zoning Database Viewing Zoning Limits and Properties Active Zoneset Data Window Configured Zonesets Data Window Active Zoneset Data Window Zoning a Fabric Using the Zoning Wizard Managing the Zoning Database Editing the Zoning Database Note 12 Page Page Resolving Zoning Capture Active Zoning Restore Configured Zoning Capture Merged Zoning View Merged/Configured Differences Merge Auto Save Note Default Zone Discard Inactive Saving the Zoning Database to a File Restoring the Zoning Database from a File Caution Restoring the Default Zoning Database Caution Managing Zone Sets Creating a Zone Set Activating and Deactivating a Zone Set Renaming a Zone Set Removing a Zone Set Managing Zones Note Creating a Zone in a Zone Set Note Copying a Zone to a Zone Set Adding Zone Members Note Renaming a Zone Removing a Zone Member Removing a Zone from a Zone Set Removing a Zone from All Zone Sets Note Managing Aliases Creating an Alias Adding a Member to an Alias Removing an Alias from All Zones Merging Fabrics and Zoning Zone Merge Failure Zone Merge Failure Recovery Note Page Managing Fabric Security Security Consistency Checklist Connection Security User Account Security Note Port Security Note Configured Security Data Window Note Active Security Data Window Note Fabric Binding Device Security Note Managing Device Security Using the Edit Security Dialog Note Creating a Security Set Create a Security Group Dialog Creating a Security Group Create a Security Group Member Dialog Page Creating a Security Group Member Editing the Security Configuration on a Switch Viewing Properties of a Security Set or Security Group Using the Security Config Dialog Archiving a Security Configuration to a File Activating a Security Set Deactivating a Security Set Using RADIUS Servers Note Adding a RADIUS Server Page Page Removing a RADIUS Server Editing RADIUS Server Information Modifying Authentication Order RADIUS Server Information Page Managing Switches Managing User Accounts Note Creating User Accounts Removing a User Account Changing a User Account Password Modifying a User Account Displaying Switch Information Switch Data Window Page Page Page Page Page Page Configuring Port Threshold Alarms Note Paging a Switch Setting the Date/Time and Enabling NTP Client Note Resetting a Switch Note Managing Switch Stacks Configuring a Switch Using the Configuration Wizard Note Switch Properties Domain ID and Domain ID Lock Note Syslog Symbolic Name Switch Administrative States Broadcast Support In-band Management Fabric Device Management Interface Advanced Switch Properties Timeo ut Value s Note Managing System Services Note Archiving a Switch Restoring a Switch Caution Page Testing a Switch Caution Note Restoring the Factory Default Configuration Page Configuring the Network Network Properties Network IP Configuration IPv4 and IPv6 Addressing Note Page Network DNS Configuration Page Network IP Security Security Policies Security Associations Note Create IP Security Association Dialog The Create IP Security Association dialog allows you to define a network IP security association. Page Create IP Security Policy Dialog The Create IP Security Policy dialog allows you to define a network IP security policy. Page Configuring SNMP SNMP Properties Note SNMP Configuration SNMP Trap Configuration Note SNMP v3 Security Note Page the user, click the OK button to save the settings and close the dialog. Downloading a Support File Installing Feature License Keys Installing Firmware Caution Note Using Call Home Page Page Using the Call Home Profile Manager Using the Call Home Profile Editor Page Page dialog. Applying All Profiles on a Switch to Other Switches Using the Call Home Message Queue Testing Call Home Profiles Page Page Managing Ports Displaying Port Information Port Statistics Data Window Page Page Page Port Information Data Window Page Advanced Group Extended Credits Group Digital Diagnostics Monitoring Media Group DDM Group Page Page Monitoring Port Status Displaying Port Types Displaying Port Operational States Displaying Port Speeds Displaying Transceiver Media Status Configuring Ports Note Changing Port Symbolic Name Changing Port Administrative States Changing Port Speeds Note Changing Port Types I/O Stream Guard Device Scan Auto Performance Tuning and AL Fairness Using the Extended Credits Wizard Page Note Resetting a Port Moving a Licensed Port Tes ti ng P ort s Page Note Graphing Port Performance Starting Performance View Exiting Performance View Saving and Opening Performance View Files Changing the Default Performance View File Encryption Key Setting Performance View Preferences Setting the Polling Frequency Note Displaying Graphs Arranging Graphs in the Display Note Customizing Graphs Page Note Setting Global Graph Type Rescaling a Selected Graph Printing Graphs Saving Graph Statistics to a File Glossary 2007 Enterprise Fabric Suite 2007 Page Page Index A B C D E F G H I L M R S T U V W X