McDATA 4Gb SAN Switch for HP p-Class BladeSystem User Guide (AA-RW20B-TE, December 2005)

2 Managing fabrics
This section describes the following tasks that manage fabrics using McDATA Web Server:
• Securing a fabric
• Tracking fabric firmware and software versions
• Managing the fabric database
• Displaying fabric information
• Working with device information and nicknames
• Zoning a fabric
Securing a fabric
Fabric security consists of the following:
• Security consistency checklist
• Connection security
• User account security
• Remote authentication
• Device security
• Fabric services
Security consistency checklist
The Security Consistency Checklist dialog enables you to compare security-related features on switches to
check for inconsistencies. Any changes must be made through the appropriate dialog, such as Network
Properties dialog, Switch Properties dialog, or SNMP Properties dialog. Select Switch > Security
Consistency Checklist to open the Security Consistency Checklist dialog.
Connection security
Connection security provides an encrypted data path for switch management methods. The switch supports
the Secure Shell (SSH) protocol for the CLI and the Secure Socket Layer (SSL) protocol for management
applications such as McDATA Web Server, McDATA Element Manager, and Common Information Module
(CIM). See “Configuring system services” on page 83 for information about enabling the SSH and SSL
services.
The SSL handshake process between the workstation and the switch involves exchanging certificates.
These certificates contain the public and private keys that define the encryption. The switch certificate is
valid for one year beginning with its creation date and time. The workstation validates the switch certificate
by comparing the workstation date and time to the switch certificate creation date and time. For this
reason, it is important to synchronize the workstation and switch with the same date, time, and time zone.
If a certificate has not been created by the user, the switch will automatically create one. If SSL connection
security is required, also consider using the Network Time Protocol (NTP) service to synchronize date/time
between workstations and switches.
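The following added example (not part of the original guide or of any McDATA software) shows how the clock dependency described above can be diagnosed: it compares a certificate creation time with the workstation clock and reports whether a failure looks like clock drift, a time zone mismatch, or expiry of the one-year validity period. The function name `classify`, the 30-minute step and 120-second tolerance, and the sample times are assumptions made for illustration.

```python
import ssl
from datetime import datetime, timezone

VALIDITY_SECONDS = 365 * 86400  # guide: certificate is valid for one year from creation
TZ_STEP = 1800                  # assumption: time zone offsets are multiples of 30 minutes
TZ_TOLERANCE = 120              # assumption: residual drift allowed around such an offset


def classify(created, workstation_now):
    """Compare a switch certificate's creation time with the workstation clock.

    created         -- notBefore text as TLS tools print it,
                       e.g. 'Dec  1 12:00:00 2005 GMT'
    workstation_now -- timezone-aware datetime read from the workstation
    Returns a (status, detail) tuple.
    """
    start = ssl.cert_time_to_seconds(created)
    now = workstation_now.timestamp()
    if now < start:
        # Workstation clock is behind the switch clock, so a freshly
        # created certificate appears to be not yet valid.
        behind = start - now
        offset = round(behind / TZ_STEP) * TZ_STEP
        if offset and abs(behind - offset) <= TZ_TOLERANCE:
            return "not_yet_valid", f"time zone mismatch of about {offset / 3600:g} h"
        return "not_yet_valid", f"clock behind switch by {int(behind)} s"
    end = start + VALIDITY_SECONDS
    if now > end:
        return "expired", f"{int((now - end) // 86400)} days past expiry"
    return "valid", f"{int((end - now) // 86400)} days left"


if __name__ == "__main__":
    created = "Dec  1 12:00:00 2005 GMT"  # constructed sample value
    utc = timezone.utc
    samples = (                            # constructed workstation clock readings
        datetime(2005, 12, 1, 7, 0, 30, tzinfo=utc),
        datetime(2005, 12, 1, 11, 52, 47, tzinfo=utc),
        datetime(2006, 6, 1, 12, 0, 0, tzinfo=utc),
        datetime(2006, 12, 2, 12, 0, 0, tzinfo=utc),
    )
    for now in samples:
        print(now.isoformat(), *classify(created, now))
```

A "not_yet_valid" result on a certificate the switch has just created points to the workstation and switch clocks, not to the certificate itself.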