Brocade Communications Systems 53-1001778-01 Computer Accessories User Manual

Open as PDF

of 90

Brocade SMI Agent User’s Guide 23

53-1001778-01

SMI Agent security

b. Configure the WBEM client to use client certificates to communicate with the SMI-A. (See

“Client configuration to use client certificates” on page 48.)

The changes take effect when you restart the server. Click Start Server to restart the server.

Configuring mutual authentication for indications

By default, mutual authentication for indications is disabled, which means that the SMI-A uses SSL

to send CIM-XML indications to a WBEM client listener, but does not attempt to verify the identity of

the WBEM client listener. When mutual authentication for indications is enabled, then only those

clients whose certificates have been added to the SMI-A Indications TrustStore can use SSL to

receive indications from the SMI-A. That is, the SMI-A must have a TrustStore that contains a

certificate for an entry in the client’s Indications KeyStore.

When you disable or enable mutual authentication for indications, the SMI-A server must be

stopped.

1. Launch the Brocade SMI Agent Configuration Tool.

2. Click Mutual Authentication(Indication) in the menu tree (see Figure 10 on page 24).

The content pane displays the current setting, which is selected and dimmed.

3. To enable mutual authentication for indications, click the Enable Indication Authentication

radio button. If this option is unavailable, then mutual authentication for indications is already

enabled.

To disable mutual authentication for indications, click the Disable Indication Authentication

radio button. If this option is unavailable, then mutual authentication for indications is already

disabled.

4. Click the Stop Server to stop the SMI-A, if it is running. This button is unavailable if the server is

already stopped.

5. Click Apply.

6. If you enabled mutual authentication for indications, you can perform the following optional

steps to allow only secure communication with trusted clients:

a. Disable HTTP access so that only HTTPS access is available to the clients. (See

“Configuring HTTP access” on page 24.) Clients should preferably use HTTPS for all

communications purposes if mutual authentication is enabled.

If you do not disable HTTP access, then any client can communicate with the SMI-A using

HTTP access.

b. Configure the WBEM client to use client certificates to communicate with the SMI-A. (See

“Client configuration to use client certificates” on page 48.)

The changes take effect when you restart the server. Click Start Server to restart the server.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Brocade Communications Systems 53-1001778-01 Computer Accessories User Manual