Brocade Secure Fabric OS Administrator's Guide (53-1000244-01, November 2006)
3-18 Secure Fabric OS Administrator’s Guide
Publication Number: 53-1000244-01
3
Table 3-7 displays the possible SES policy states.
To create an SES policy
1. From a sectelnet or SSH session, log in to the primary FCS switch as admin.
2. Type secPolicyCreate “SES_POLICY”, “member;...;member”.
member is a device port WWN.
3. To save or activate the new policy, enter either secPolicySave or secPolicyActivate.
If neither of these commands is entered, the changes are lost when the session is logged out. For
more information about these commands, see “Saving Changes to Secure Fabric OS Policies” on
page 3-26 and “Activating Changes to Secure Fabric OS Policies” on page 3-27.
For example, to create an SES_POLICY that allows access through a device that has a WWN of
12:24:45:10:0a:67:00:40:
Management Server Policy
The Management Server policy can be used to restrict which devices can be accessed by the
management server. Fabric configuration and control functions can be performed only by requesters
that are directly connected to the primary FCS switch. The policy is named MS_POLICY and contains
a list of device port WWNs for which the management server implementation in Fabric OS (designed
according to FC-GS-3 standard) accepts and acts on requests.
Table 3-8 displays the possible Management Server policy states.
N
ote
Only Fabric OS v2.6.2 supports the SES policy.
Table 3-7 SES Policy States
Policy State Characteristics
No policy All device ports can access SES.
Policy with no entries No device port can access SES.
Policy with entries The specified devices can access SES.
primaryfcs:admin> secpolicycreate "SES_POLICY", "12:24:45:10:0a:67:00:40"
SES_POLICY has been created.
Table 3-8 Management Server Policy States
Policy State Characteristics
No policy All devices can access the management server.
Policy with no entries No devices can access the management server.
Policy with entries Specified devices can access the management server.