Manualshelf

Brocade Secure Fabric OS Administrator's Guide - Supporting Fabric OS v3.2.0, v4.4.0, v5.0.1, v5.1.0, 5.2.0, and 5.3.0 (53-1000244-02, June 2007)

ManualsBrandsHP ManualsStorageBrocade 4Gb SAN Switch
21222324252627282930
Secure Fabric OS Administrator’s Guide 7
53-1000244-02
Chapter
2
Preparing the Fabric for Secure Fabric OS
Secure Fabric OS is supported by Fabric OS v2.6.2, v3.1.0, v4.1.0 and later; it can be added to
fabrics that contain any combination of these versions. This manual applies to v5.3.0 only, it is
based on the assumption that a compatible version of Fabric OS is running on all switches in the
fabric before adding Secure Fabric OS
NOTE
Adding Secure Fabric OS to the fabric might require access to the Web site of the switch support
supplier. If the supplier is Brocade, navigate to http://partner.brocade.com (if a partner login is not
already assigned, follow the instructions to receive a username and password).
In this chapter
Prerequisites for a Secure Fabric Environment . . . . . . . . . . . . . . . . . . . . . . . . 7
Verifying Compatible Fabric OS Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses . . . 9
Verifying the Digital Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Configuring Switch-to-Switch Authentication . . . . . . . . . . . . . . . . . . . . . . . . . 26
Preparing Brocade 24000 for Secure Fabric OS. . . . . . . . . . . . . . . . . . . . . . 29
Installing a Supported CLI Client on a Workstation. . . . . . . . . . . . . . . . . . . . 31
Prerequisites for a Secure Fabric Environment
To implement Secure Fabric OS in a fabric, each switch in the fabric must have the following:
A compatible version of Fabric OS. See “Verifying Compatible Fabric OS Version” on page 8 for
a list of compatible versions and instructions on identifying the current Fabric OS version.
An activated Secure Fabric OS license and Brocade Advanced Zoning license. See “Verifying or
Activating Secure Fabric OS and Advanced Zoning Licenses” on page 9 for detailed
instructions.
The required PKI objects and a digital certificate. See Verifying the Digital Certificate” on
page 10 for detailed instructions.
Switch-to-switch authentication configured; note when using DH-CHAP, you must set up all
shared secrets before enabling secure mode. See “Configuring Switch-to-Switch
Authentication” on page 26 for switch authentication protocol set up instructions.
Backup Fabric OS policies that are not compatible with Secure FOS; Fabric OS v5.1.0 and later
password policies and v5.2.0 local SCC and DCC ACL polices are not supported.
Remove user-defined Administrative Domains: Secure mode does not support Administrative
Domains, therefore remove all user-defined ADs (AD1-254).