Brocade Access Gateway Administrator's Guide Supporting Fabric OS v7.0.0 (53-1002156-01, April 2011)
Access Gateway Administrator’s Guide 33
53-1002156-01
Advanced Device Security policy
3
Lists must be enclosed in quotation marks. List members must be separated by semicolons.
Replace the F_Port list with an asterisk (*) to add the specified WWNs to all the F_Ports' allow lists.
The ADS policy must be enabled for this command to succeed.
1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the ag --adsadd command with the appropriate options to add one or more new devices
to the list of allowed devices.
In the following example, two devices are added to the list of allowed devices (for ports 3 and
9).
switch:admin> ag --adsadd "3;9"
"20:03:08:00:88:35:a0:12;21:00:00:e0:8b:88:01:8b"
WWNs added successfully to Allow Lists of the F_Port[s]
Displaying the list of allowed devices on the switch
1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the ag --adsshow command.
switch:admin> ag --adsshow
F_Port WWNs Allowed
--------------------------------------------------------------------------
1 ALL ACCESS
3 20:03:08:00:88:35:a0:12
21:00:00:e0:8b:88:01:8b
9 20:03:08:00:88:35:a0:12
21:00:00:e0:8b:88:01:8b
10 ALL ACCESS
11 NO ACCESS
12 NO ACCESS
13 ALL ACCESS
--------------------------------------------------------------------------
ADS policy considerations
The following are considerations for setting the ADS policy:
• In cascading configurations, you should set the ADS policy on the AG module that directly
connects to the servers.
• The ADS policy can be enabled or disabled independent of the status of other AG policies.
• The ADS policy is not supported with device mapping.
Upgrade and downgrade considerations for the ADS policy
Downgrading to Fabric OS v6.4.0 or earlier is supported.
Upgrading from Fabric OS v6.4.0 to v7.0.0 or downgrading from Fabric OS v7.0.0 to v6.4.0 will not
change the ADS policy settings.