Reference Guide
NOTE
Starting with Fabric OS 7.3.0, Access Gateways are capable of receiving the password database distributed by native switches
and domains. However, the Access Gateways are not capable of distributing the password database to the switches or
domains.
Database distribution settings
The distribution settings control whether a switch accepts or rejects distributions of databases from other switches and whether the
switch may initiate a distribution. Configure the distribution setting to reject when maintaining the database on a per-switch basis.
Table 50 lists the databases supported in Fabric OS v6.2.0 and later switches.
TABLE 50 Supported policy databases
Database type Database identifier (ID)
Authentication policy database AUTH
DCC policy database DCC
FCS policy database FCS
IP Filter policy database IPFILTER
Password database PWD
SCC policy database SCC
Use the chassisDistribute command to distribute IP filter policies. To distribute other security policies, use the distribute command. The
distribute command distributes the database also to Access Gateways in non-VF mode.
Displaying the database distribution settings
1. Connect to the switch and log in using an account with admin permissions, or an account with OM permissions for the
FabricDistribution RBAC class of commands.
2. Enter the fddCfg --showall command.
The following sample output shows the database distribution settings.
switch:admin> fddcfg --showall
Local Switch Configuration for all Databases:-
DATABASE - Accept/Reject
---------------------------------
SCC - accept
DCC - accept
PWD - accept
FCS - accept
AUTH - accept
IPFILTER - accept
Fabric Wide Consistency Policy:- ""
Enabling local switch protection
1. Connect to the switch and log in using an account with admin permissions, or an account with OM permissions for the
FabricDistribution RBAC class of commands.
2. Enter the fddCfg --localreject command.
Configuring Security Policies
Brocade Fabric OS Administration Guide, 8.0.1
53-1004111-02 243