Brocade Web Tools Administrator's Guide v7.1.0 (53-1002756-01, March 2013)
Web Tools Administrator’s Guide 163
53-1002756-01
Chapter
15
Configuring Standard Security Features
In this chapter
•User-defined accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
•User-defined roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
•Access control list policy configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
•Fabric-Wide Consistency Policy configuration . . . . . . . . . . . . . . . . . . . . . . . 177
•Authentication policy configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
•SNMP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
•RADIUS management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
•Active Directory service management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
•TACACS+ management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
•IPsec concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
•IPsec over management ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
•Establishing authentication policies for HBAs. . . . . . . . . . . . . . . . . . . . . . . 200
User-defined accounts
In addition to the default accounts—root, factory, admin, and user—Fabric OS v7.0.0 and later
support up to 256 user-defined accounts in each logical switch (domain). These accounts expand
your ability to track account access and audit administrative activities.
When the Virtual Fabrics capability is enabled, each user-defined account is associated with the
following:
• Virtual Fabric ID—Specifies the accessible Virtual Fabrics for a user account.
• Home Virtual Fabric—Specifies the default Virtual Fabric for a user account.
• Role—Determines functional access levels within the Virtual Fabric.
Access rights for any user session are determined by the user’s role-based access rights. Refer to
Chapter 1, “Introducing Web Tools” for additional information about Role-Based Access Control
(RBAC).