Manualshelf

Brocade Fabric Manager Administrator's Guide v6.1.0 (53-10000610-02, June 2008)

ManualsBrandsHP ManualsStorageHP DC04 SAN Director Switch
201202203204205206207208209210
Fabric Manager Administrator’s Guide 183
53-10000610-02
Chapter
13
Configure Standard Security Features
In this chapter
Password management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Secure communication over HTTPS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Truststore management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Administrative Domain management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Access Control List management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Propagation of RADIUS configuration across switches. . . . . . . . . . . . . . . . 189
A note about security
Due to FAL API limitations, Fabric Manager does not support Security Operations for the user role
SecurityAdmin.
Password management
Fabric Manager stores switch passwords to the server automatically (by default). Use the following
procedure to enable switch passwords to be saved to the server or disable switch passwords from
being saved to the server.
NOTE
If you disable switch passwords from being saved to the server, then you need to monitor the fabrics
again when you restart the client. In this case, a message dialog displays on client startup about the
missing credentials; you must click Provide credentials now in that dialog and enter seed switch
credentials to start monitoring the fabrics. You can provide the credentials for the rest of the
switches in the fabric by clicking Discovery > Switch Login.
This section also describes how you can set the password for accounts with the role of admin,
which includes the default admin account as well as non-default user accounts that have the
admin role. You can change the password on a single switch or on multiple nonsecure switches
simultaneously. Other accounts with administrator-level privileges, such as “root” or “factory”, are
excluded. You cannot use a RADIUS server for authentication on a selected switch.
You cannot set the “admin” account password on any switches in secure mode. See “Admin
security password change” on page 256 for information about using passwords in secure fabrics.
Brocade 3016 and Brocade 4020: The default administrative account is called “USERID”. On all
other models, the default administrative account is “admin”. You must rename the administrative
account from USERID to the Brocade default, admin, before changing the administrator password.
For instructions on changing this name, see the Fabric OS Administrator’s Guide.