Brocade Fabric OS Command Reference Manual (53-1000240-01, November 2006)
2-572 Fabric OS Command Reference Manual
Publication Number: 53-1000240-01
secPolicyAdd
2
Note: Enter commands in lowercase only; mixed case is for readability.
secPolicyAdd
Adds members to an existing security policy.
Synopsis secpolicyadd "name"[, "member [;member...]"]
Description Use this command to add member to an existing access policy. The new members must not already be
members within the policy or the command fails.
Each policy corresponds to a management method. The list of members of a policy acts as an access
control list for that management method. When security is first enabled using the secModeEnable
command, only the FCS_POLICY exists. Before a policy is created, there is no enforcement for that
management method; all access is granted. After a policy has been created and a member has been added
to the policy, that policy becomes closed to all access except from included members. If all members are
then deleted from the policy, all access is denied for that management access method (the DCC_POLICY
is an exception).
N
ote
Do not add the WWNs of front or translate (xlate) domains to the FCS policy if the secure edge fabric is
connected to an FC Router.
N
ote
When secure mode is enabled, this command can be issued only from the primary FCS switch.
Operands This command has the following operands:
"name" Specify the name of an existing policy to which you want to add members. Valid
values for this operand are:
• DCC_POLICY_nnn
•FCS_POLICY
• TELNET_POLICY
• HTTP_POLICY
•API_POLICY
•RSNMP_POLICY
•WSNMP_POLICY
•SES_POLICY
• MS_POLICY
• SERIAL_POLICY
• FRONTPANEL_POLICY
•SCC_POLICY
• OPTIONS_POLICY
The specified policy name must be capitalized.
The DCC_POLICY_nnn name has the common prefix DCC_POLICY_ followed
by a string of user-defined characters. These characters do not have to be