HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)

ManualsBrandsHP ManualsStorageHP StorageWorks 4/32B SAN Switch

181

182

183

184

185

186

187

188

189

190

186 Installing and maintaining firmware

firmware\ 381MB 2007 Sep 28 15:33

v6.0.1\ 381MB 2007 Oct 19 10:39

config\ 0B 2007 Sep 28 15:33

support\ 0B 2007 Sep 28 15:33

firmwarekey\ 0B 2007 Sep 28 15:33

Available space on usbstorage 79%

Downloading the 6.1.1 image using the relative path

To download the 6.1.1 image using the relative path:

1. Log in to the switch as admin.

2. Issue the firmwareDownload command with the -U operand:

admin>firmwaredownload –U v6.1.1

Downloading the 6.1.1 image using the absolute path

To download the 6.1.1 image using the absolute path:

1. Log in to the switch as admin.

2. Issue the firmwareDownload command with the -U operand:

admin>firmwaredownload –U /usb/usbstorage/brocade/firmware/v6.1.1

Director restrictions for downgrading

Note the following restrictions:

• 4/256 SAN Director with one or more FR4-18i blades: If you are running 5.1.0 firmware, you cannot

downgrade to earlier versions without removing the blades.

• 4/256 SAN Director with one or more FC4-48 or FC4-16IP blades: If you are running Fabric OS 5.2.0,

you cannot downgrade to earlier versions without removing the blades.

• Do not remove blades until the EX_Ports are removed first. The firmwareDownload command will

indicate when the blades are safe to remove.

• 4/256 SAN Director with one or more FC10-6 blades: If you are running Fabric OS 6.0.0b or later, you

cannot downgrade to earlier versions without removing the blades.

• 4/256 SAN Director with one or more FC8-16 blades: If you are running Fabric OS 6.0.0b or later, you

cannot downgrade to earlier versions without removing the blade.

• DC Director with FC8-16/32/48 blades: If you are running Fabric 6.0.0b or later, you cannot

downgrade to earlier versions of Fabric OS as they are not supported on this Director.

FIPS Support

Federal information processing standards (FIPS) specify the security standards needed to satisfy a

cryptographic module utilized within a security system for protecting sensitive information in the computer

and telecommunication systems. For more information about FIPS, see ”Configuring advanced security

features” on page 107.

The 6.1.1 firmware is digitally signed using the OpenSSL utility to provide FIPS support. To use the digitally

signed software, you need to configure the switch to enable Signed Firmwaredownload. If it is not

enabled then the firmware download process ignores the firmware signature and works as before.

If signed firmwaredownload is enabled, and if the validation succeeds, the firmware download process

proceeds normally. If the firmware is not signed or if the signature validation fails, firmwareDownload will

fails.

To enable or disable FIPS, see ”Configuring advanced security features” on page 107.

Public and private key management

For signed firmware, we use RSA with 1024-bit length key pair. The Fabric OS requires a private key to

sign the firmware files. During the firmware download process, the public key must validate the signatures

of the firmware files. So the public key needs to be stored on the switch beforehand.