Brocade Secure Fabric OS Administrator's Guide (53-1000244-01, November 2006)
Secure Fabric OS Administrator’s Guide 2-1
Publication Number: 53-1000244-01
Chapter
2
Preparing the Fabric for Secure Fabric OS
Secure Fabric OS is supported by Fabric OS v2.6.2, v3.1.0, v4.1.0 and later; it can be added to fabrics
that contain any combination of these versions. This manual applies to v5.2.0 only, it is based on the
assumption that a compatible version of Fabric OS is running on all switches in the fabric before adding
Secure Fabric OS.
This chapter includes the following sections:
• “Prerequisites for a Secure Fabric Environment,” next
• “Verifying Compatible Fabric OS Version” on page 2-2
• “Verifying or Activating Secure Fabric OS and Advanced Zoning Licenses” on page 2-3
• “Verifying the Digital Certificate” on page 2-4
• “Configuring Switch-to-Switch Authentication” on page 2-22
• “Preparing SilkWorm 24000 for Secure Fabric OS” on page 2-26
• “Installing a Supported CLI Client on a Workstation” on page 2-28
Prerequisites for a Secure Fabric Environment
To implement Secure Fabric OS in a fabric, each switch in the fabric must have the following:
• A compatible version of Fabric OS. See “Verifying Compatible Fabric OS Version” on page 2-2
for a list of compatible versions and instructions on identifying the current Fabric OS version.
• An activated Secure Fabric OS license and Brocade Advanced Zoning license. See “Verifying
or Activating Secure Fabric OS and Advanced Zoning Licenses” on page 2-3 for detailed
instructions.
• The required PKI objects and a digital certificate. See “Verifying the Digital Certificate” on
page 2-4 for detailed instructions.
• Switch-to-switch authentication configured; note when using DH-CHAP, you must set up all
shared secrets before enabling secure mode. See “Configuring Switch-to-Switch Authentication”
on page 2-22 for switch authentication protocol set up instructions.
• Backup Fabric OS policies that are not compatible with Secure FOS; Fabric OS v5.1.0 and later
password policies and v5.2.0 local SCC and DCC ACL polices are not supported.
N
ote
Adding Secure Fabric OS to the fabric might require access to the Web site of the switch support
supplier. If the supplier is Brocade, navigate to http://partner.brocade.com (if a partner login is not
already assigned, follow the instructions to receive a username and password).