Manualshelf

Specifications

ManualsBrandsCompaq ManualsCarrying Case8/20q
21222324252627282930
8/20q Fibre Channel Switch installation and reference guide 23
Secure Socket Layer (SSL): Provides for secure SSL connections for the QuickTools web applet and
SMI-S. This service must be enabled to authenticate users through a Remote Authenticaton Dial-in
Service (RADIUS) server. To enable secure SSL connections, you must first synchronize the date and time
on the switch and the workstation. Enabling SSL automatically creates a security certificate on the
switch. The default is disabled.
NOTE: Simple SAN Connection Manager version 1.0 does not support the SSL service. If SSL is
enabled, you will be unable to manage the switch using this version of Simple SAN Connection
Manager.
QuickTools web applet (EmbeddedGUI): Provides for access to the QuickTools web applet. QuickTools
enables you to point at a switch with an internet browser and manage the switch through the browser.
The default is enabled.
Simple Network Management Protocol (SNMP): Provides for the management of the switch through
third-party applications that use the Simple Network Management Protocol (SNMP). Security consists
of a read community string and a write community string that serve as passwords that control read and
write access to the switch. These strings are set at the factory to these well-known defaults and should
be changed if SNMP is to be enabled. Otherwise, you risk unwanted access to the switch. The default
is enabled.
Common Information Model (CIM): Provides for the management of the switch through third-party
applications that use the Storage Management Initiative–Specification (SMI-S). The default is enabled.
File Transfer Protocol (FTP): Provides for transferring files rapidly between the workstation and the switch
using FTP. The default is enabled.
Management Server (MS): Enables or disables the management of the switch through third-party
applications that use FC-GS-3 Management Server. The default is disabled.
Call Home:
IMPORTANT: The Call Home service provides an e-mail notification capability for the switch. This
service has no relationship with the HP Call Home feature, which notifies only HP services.
Provides for automated e-mail notification of switch status and operating conditions based on specified
event severity levels. The default is enabled. The Call Home service requires an Ethernet connection to
at least one Simple Mail Transfer Protocol (SMTP) server. You must configure the Call Home service to
do the following:
Enable primary and secondary SMTP servers and specify their IP addresses
Specify contact information
Configure one or more Call Home profiles to specify e-mail recipients, message format, and the event
severity level that will initiate a message.
Fabric security
An effective security profile begins with a security policy that states the requirements. A threat analysis is
needed to define the plan of action, followed by an implementation that meets the security policy
requirements. Internet portals, such as remote access and E-mail, usually present the greatest threats. Fabric
security should also be considered in defining the security policy.
Most fabrics are located at a single site and are protected by physical security, such as key-code locked
computer rooms. For these cases, security methods, such as user passwords for equipment and zoning for
controlling device access, are satisfactory.
Fabric security is needed when security policy requirements are more demanding; for example, when
fabrics span multiple locations and traditional physical protection is insufficient to protect the IT
infrastructure. Another benefit of fabric security is that it creates a structure that helps prevent unintended
changes to the fabric.