Manualshelf

Reference Guide

ManualsBrandsDell ManualsAccess PlatformsBrocade G620
181182183184185186187188189190
TABLE 29 Secure protocol support (continued)
Protocol Description
authenticate the remote computer and allow the remote computer to
authenticate the user, if necessary.
SSL Fabric OS uses Secure Socket Layer (SSL) to support HTTPS. A
certificate must be generated and installed on each switch to enable SSL.
Supports SSLv3, 128-bit encryption by default. Also supports TLSv1.0,
TLSv1.1, and TLSv1.2.
NOTE
Challenge Response Authentication (CRA) is supported in SCP and SSH sessions.
Table 30 describes additional software or certificates that you must obtain to deploy secure protocols.
TABLE 30 Items needed to deploy secure protocols
Protocol Host side Switch side
SSHv2 Secure shell client None
HTTPS No requirement on host side except a browser
that supports HTTPS
Switch IP certificate for SSL
SCP SSH daemon, SCP server None
SNMPv3 None None
The security protocols are designed with the four main use cases described in Table 31.
TABLE 31 Main security scenarios
Fabric Management interfaces Comments
Nonsecure Nonsecure No special setup is needed to use Telnet or
HTTP.
Nonsecure Secure Secure protocols may be used. An SSL switch
certificate must be installed if HTTPS is used.
Secure Secure Switches running earlier Fabric OS versions can
be part of the secure fabric, but they do not
support secure management.
Secure management protocols must be
configured for each participating switch.
Nonsecure protocols may be disabled on
nonparticipating switches.
If SSL is used, then certificates must be installed.
For more information on installing certificates,
refer to Installing a switch certificate on page
198.
Secure Nonsecure You must use SSH because Telnet is not
allowed with some features.
Secure Copy
The Secure Copy protocol (SCP) runs on port 22. It encrypts data during transfer, thereby avoiding packet sniffers that attempt to extract
useful information during data transfer. SCP relies on SSH to provide authentication and security.
Configuring Protocols
Brocade Fabric OS Administration Guide, 8.0.1
186 53-1004111-02