3 – Planning
Fabric Security
3-16 59043-03 A
D
2. Create a Management Server group (Group_1) in Security_Set_2 with
Switch_2 and HBA_2 or APP_2 as its member.
You must specify HBAs by node worldwide name. Switches can be
specified by port or node worldwide name. The type of switch
worldwide name you use in the switch security database must be the
same as that in the HBA security database. For example, if you specify
a switch with a port worldwide name in the switch security database,
you must also specify that switch in the HBA security database with the
same port worldwide name.
For MD5 authentication, create 32-character hex secrets.
3. Configure security on HBA_2 or APP_2 using the appropriate management
tool. Logins between the Switch_2 and HBA_2 or APP_2 will be challenged
(MD5) for their respective secrets. Therefore, the secrets that you
configured for HBA_2 or APP_2 on Switch_2 must also be configured on
HBA_2 or APP_2.
4. Save Security_Set_2 and prepare to activate it. Activating a security set
does not affect currently logged-in ports. Therefore, to apply the security
policy that you designed in the security database, you must offline the
secured ports, activate the security set, then place the secured ports back
online.
MS Group: Group_1
Switch_2 Node WWN: 10:00:00:c0:dd:07:c3:4e
CT Authentication: MD5
Secret: 9876543210fedcba9876543210fedcba
HBA_2 or APP_2 Node WWN: 10:00:00:c0:dd:07:c3:4d
CT Authentication: MD5
Secret: fedcba9876543210fedcba9876543210