Manualshelf

Administrator Guide

ManualsBrandsDell ManualsCompellent (SCStorage SCv2000
211212213214215216217218219220
About Access Policies
In earlier versions of the PS Series rmware, security protection was accomplished by individually conguring an access control
record for each volume to which you wanted to secure access. Each volume supported up to 16 dierent access control records,
which together constituted an access control list (ACL). However, this approach did not work well when large numbers of volumes
were present. To address that issue, PS Series groups incorporated access policies and access policy groups that can be applied to
one or more volumes.
Each access policy lets you specify one or more of the following authentication methods:
CHAP user name (Challenge Handshake Authentication Protocol)
IP address
iSCSI initiator name
You can assign up to four access policies or access policy groups to a volume. The access policies or access policy groups assigned
to a volume determine which hosts have access to that volume. In addition, you can allow or disallow volume access from multiple
initiators, depending on your conguration needs.
An access policy or access policy group can apply to the volume, its snapshots, or both. For example, you can authorize computer
access to a volume and its snapshots or to the volume only.
Create a Local CHAP Account
Use local CHAP accounts to make sure that only authorized users can access a PS Series group.
1. Click the Storage view.
2. In the Storage pane, select a PS Series group.
3. Click the Storage tab.
4. In the Storage tab navigation pane, select the Access node.
5. In the right pane, click Create Local CHAP Account. The Create Local CHAP Account dialog box opens.
6. In the Username eld, type the CHAP user name.
7. In the Password eld, type a password (otherwise known as a CHAP secret).
8. To enable the local CHAP account, select the Enable checkbox.
9. Click OK.
Edit a Local CHAP Account
Edit a local CHAP account to change the username/password and enable/disable the CHAP account.
1. Click the Storage view.
2. In the Storage pane, select a PS Series group.
3. Click the Storage tab.
4. In the Storage tab navigation pane, select the Access node.
5. In the Local CHAP Accounts area, select the local CHAP account to editt.
6. Click Edit. The Edit Local CHAP Account dialog box opens.
7. In the Username eld, type the CHAP user name.
8. In the Password eld, type a password (otherwise known as a CHAP secret).
9. To enable the local CHAP account, select the Enable checkbox.
To disable the local CHAP account, clear the Enable checkbox.
10. Click OK.
212
PS Series Storage Array Administration