Brocade Web Tools Administrator's Guide - Supporting Fabric OS v7.0.0 (53-1002152-01, March 2012)

Chapter 16: Configuring Standard Security Features
In this chapter
User-defined accounts
User-defined roles
Access control list policy configuration
Fabric-Wide Consistency Policy configuration
Authentication policy configuration
SNMP configuration
RADIUS management
Active Directory service management
IPsec concepts
IPsec over FCIP
IPsec over management ports
Establishing authentication policies for HBAs
User-defined accounts
In addition to the default accounts—root, factory, admin, and user—Fabric OS v7.0.0 supports up to
256 user-defined accounts in each logical switch (domain). These accounts expand your ability to
track account access and audit administrative activities.
When the Virtual Fabrics capability is enabled, each user-defined account is associated with the
following:
Virtual Fabric ID—Specifies the accessible Virtual Fabrics for a user account.
Home Virtual Fabric—Specifies the default Virtual Fabric for a user account.
Role—Determines functional access levels within the Virtual Fabric.
When the Admin Domain capability is enabled, each user-defined account is associated with the
following:
Admin Domain list—Specifies the accessible Admin Domains for a user account.
Home Admin Domain—Specifies the default Admin Domain for a user account. The home Admin Domain must be a member of the user’s Admin Domain list.
Role—Determines functional access levels within the bounds of the user’s current Admin Domain.
NOTE
Virtual Fabrics and Admin Domains are mutually exclusive.