Manualshelf

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch
611612613614615616617618619620
CHAPTER
Send feedback to nx5000-docfeedback@cisco.com
45-1
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
45
Configuring Port Security
Cisco Nexus 5000 Series switches provide port security features that reject intrusion attempts and report
these intrusions to the administrator.
Note Port security is supported on virtual Fibre Channel ports and physical Fibre Channel ports.
This chapter includes the following sections:
Information About Port Security, page 45-1
Configuring Port Security, page 45-3
Enabling Port Security, page 45-5
Port Security Activation, page 45-5
Auto-Learning, page 45-7
Port Security Manual Configuration, page 45-10
Port Security Configuration Distribution, page 45-12
Database Merge Guidelines, page 45-14
Database Interaction, page 45-15
Displaying Port Security Configuration, page 45-19
Default Settings, page 45-19
Information About Port Security
Typically, any Fibre Channel device in a SAN can attach to any SAN switch port and access SAN
services based on zone membership. Port security features prevent unauthorized access to a switch port
in the Cisco Nexus 5000 Series switch, using the following methods:
Login requests from unauthorized Fibre Channel devices (N ports) and switches (xE ports) are
rejected.
All intrusion attempts are reported to the SAN administrator through system messages.
Configuration distribution uses the CFS infrastructure, and is limited to those switches that are CFS
capable. Distribution is disabled by default.
Configuring the port security policy requires the Storage Protocol Services license. For additional
information, see Chapter 4, “Managing Licenses.