Reference Guide
LDAP configuration and OpenLDAP.................................................................................................................................................................................................176
TACACS+ service.......................................................................................................................................................................................................................................... 180
Remote authentication configuration on the switch...................................................................................................................................................................182
Configuring local authentication as backup.................................................................................................................................................................................... 184
Configuring Protocols......................................................................................................................................................................................................................................................185
Security protocols.................................................................................................................................................................................................................................................... 185
Secure Copy................................................................................................................................................................................................................................................................186
Setting up SCP for configuration uploads and downloads.................................................................................................................................................... 187
Secure Shell protocol............................................................................................................................................................................................................................................. 187
SSH public key authentication................................................................................................................................................................................................................ 187
Managing SecCryptoCfg templates....................................................................................................................................................................................................190
Configuring the ciphers, KEX, and MAC algorithms............................................................................................................................................................................194
Secure Sockets Layer protocol .......................................................................................................................................................................................................................195
Browser and Java support........................................................................................................................................................................................................................ 195
SSL configuration overview..................................................................................................................................................................................................................... 195
The browser ..................................................................................................................................................................................................................................................... 199
Root certificates for the Java plugin..................................................................................................................................................................................................200
Simple Network Management Protocol...................................................................................................................................................................................................200
SNMP Manager..............................................................................................................................................................................................................................................201
SNMP Agent.................................................................................................................................................................................................................................................... 201
Management Information Base.............................................................................................................................................................................................................201
Basic SNMP operation...............................................................................................................................................................................................................................201
Configuring SNMP using CLI...............................................................................................................................................................................................................202
Telnet protocol............................................................................................................................................................................................................................................................. 211
Blocking Telnet..................................................................................................................................................................................................................................................211
Unblocking Telnet.......................................................................................................................................................................................................................................... 212
Listener applications...............................................................................................................................................................................................................................................213
Ports and applications used by switches....................................................................................................................................................................................................213
Port configuration...........................................................................................................................................................................................................................................214
Configuring Security Policies.......................................................................................................................................................................................................................................215
ACL policies overview...........................................................................................................................................................................................................................................215
How the ACL policies are stored.......................................................................................................................................................................................................... 215
Policy members..............................................................................................................................................................................................................................................216
ACL policy management.....................................................................................................................................................................................................................................216
Displaying ACL policies..............................................................................................................................................................................................................................216
Saving changes without activating the policies.............................................................................................................................................................................216
Activating ACL policy changes...............................................................................................................................................................................................................217
Deleting an ACL policy................................................................................................................................................................................................................................217
Adding a member to an existing ACL policy..................................................................................................................................................................................217
Removing a member from an ACL policy......................................................................................................................................................................................218
Abandoning unsaved ACL policy changes.....................................................................................................................................................................................218
FCS policies................................................................................................................................................................................................................................................................ 218
FCS policy restrictions................................................................................................................................................................................................................................ 219
Ensuring fabric domains share policies ......................................................................................................................................................................................... 220
Creating an FCS policy.............................................................................................................................................................................................................................220
Modifying the order of FCS switches...............................................................................................................................................................................................220
FCS policy distribution................................................................................................................................................................................................................................221
Device Connection Control policies.............................................................................................................................................................................................................222
Virtual Fabrics considerations ..............................................................................................................................................................................................................222
Brocade Fabric OS Administration Guide, 8.0.1
8 53-1004111-02