Reference Guide

ManualsBrandsDell ManualsAccess PlatformsBrocade G620

211

212

213

214

215

216

217

218

219

220

Policy members

The FCS, DCC and SCC policy members are specified by device port WWN, switch WWN, domain IDs, or switch names, depending on

the policy. The valid methods for specifying policy members are listed in Table 38.

TABLE 38 Valid methods for specifying policy members

Policy name Device port WWN or Fabric

port WWN

Switch WWN Domain ID Switch name

FCS_POLICY No Yes Yes Yes

DCC_POLICY_

nnn

Yes Yes Yes Yes

SCC_POLICY No Yes Yes Yes

ACL policy management

All policy modifications are temporarily stored in volatile memory until those changes are saved or activated. You can create multiple

sessions to the switch from one or more hosts. It is recommended you make changes from one switch only to prevent multiple

transactions from occurring. Each logical switch will have its own access control list.

The FCS, SCC and DCC policies in Secure Fabric OS are not interchangeable with Fabric OS FCS, SCC and DCC policies. Uploading

and saving a copy of the Fabric OS configuration after creating policies is strongly recommended. For more information on

configuration uploads, see Maintaining the Switch Configuration File on page 257.

NOTE

All changes, including the creation of new policies, are saved and activated on the local switch only--unless the switch is in a

fabric that has a strict or tolerant fabric-wide consistency policy for the ACL policy type for SCC or DCC. See Policy database

distribution on page 242 for more information on the database settings and fabric-wide consistency policy.

Displaying ACL policies

You can view the active and defined policy sets at any time. In addition, within a defined policy set, any policies created in the same login

session will be listed, but these policies are automatically deleted if you log out without saving them.

To view the active and defined policy sets, complete the following steps.

1. Connect to the switch and log in using an account with admin permissions, or an account with “O” permission for the Security

RBAC class of commands.

2. Enter secPolicyShow.

The following example shows the command and a typical response

switch:admin> secPolicyShow

____________________________________________________

ACTIVE POLICY SET

____________________________________________________

DEFINED POLICY SET

Saving changes without activating the policies

1. Connect to the switch and log in using an account with admin permissions, or an account with OM permissions for the Security

RBAC class of commands.

2. Enter the secPolicySave command.

Configuring Security Policies

Brocade Fabric OS Administration Guide, 8.0.1

216 53-1004111-02