HP (Hewlett-Packard) AARTDZHTE/958000284008 Switch User Manual


 
Enhanced Maintenance Port Security—This allows users to enable enhanced
authorization on the maintenance port, which is the switch or director RS-232
connection. Enhanced Authorization mode enforces stronger security policies,
requiring users to change the well-known password to a case-sensitive private
password the first time they use the maintenance port. Subsequent access by
service personnel will require log in through the private customer-level access.
Security Log—The Security Log is a new log available in EWS, CLI, and HAFM
that records various events concerning integrity of a switch. This includes
authorization or authentication problem detection, and approved and invalid
access attempts. Each log entry provides an event number or reason, a date/time
stamp, a trigger level (a type of security event severity), an event count, and a
category and data pertaining to the specific event. The log wraps at 200 entries.
This log provides customers with details to track down attempted security threats
and identify the source of problems that might jeopardize the switch integrity.
IP Access Control List—This allows users to establish a list of IP addresses from
which the switch is allowed to accept connections. This prevents users who
have access to the Ethernet LAN from attempting to access the Fibre Channel
switches. Connection attempts from unauthorized IP addresses are ignored by
the switch, making it appear that no device is connected. This is primarily
intended for environments that are not on a private, inaccessible subnet, such as
when installed in most cabinet configurations with a dual-NIC HAFM appliance
Processor.
Advanced Fabric Diagnostics
This provides tools to monitor the fabric and identify potential problems before
they impact network and application performance. Tools include ISL Fencing, new
switch-centric Fabric and Embedded Port Logs, an Audit Log for the embedded user
interfaces, and access to the Digital Diagnostic capabilities included with newer SFP
transceivers.
ISL fencing
Also called Port Fencing, this feature allows customers to set up policies for blocking
an ISL when problems occur that cause an ISL to “bounce” or repeatedly attempt to
establish a connection. Any time an ISL is brought up or down, a fabric rebuild occurs,
which can cause disruption in some environments. ISL Fencing will lessen the likelihood
of having a problematic ISL connection disrupt a SAN.
To configure this feature, users set policies with thresholds based on the number of
port events occurring during a set time period. If a port generates enough events to
exceed the policy threshold, the port is automatically blocked and the user is notified.
Transmit and receive traffic is disabled until the user can investigate, solve the problem,
and manually unblock the port.
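The threshold policy described above can be modelled in a few lines. This is an added example, not HP firmware code or HAFM syntax: the class and method names, the sliding-window interpretation of "a set time period", and the sample events are all assumptions made for illustration.

```python
from collections import defaultdict, deque

class FencingPolicy:
    """Model of a port-fencing policy: block a port whose event count
    within `period_s` seconds exceeds `threshold` (names are hypothetical)."""

    def __init__(self, threshold, period_s):
        self.threshold = threshold
        self.period_s = period_s
        self.events = defaultdict(deque)   # port -> timestamps inside the window
        self.blocked = {}                  # port -> time the fence was applied
        self.notifications = []            # messages a user would receive

    def record(self, port, ts):
        """Record one port event (e.g. ISL up/down); return True if the port is blocked."""
        if port in self.blocked:
            return True                    # traffic stays disabled until manual unblock
        window = self.events[port]
        window.append(ts)
        # Assumption: sliding window. Drop events older than the policy period.
        while window and ts - window[0] >= self.period_s:
            window.popleft()
        if len(window) > self.threshold:   # "exceed" = strictly more than threshold
            self.blocked[port] = ts
            self.notifications.append(f"port {port} fenced at t={ts}s "
                                      f"({len(window)} events in {self.period_s}s)")
        return port in self.blocked

    def unblock(self, port):
        """Manual unblock after investigation; history is cleared so the count restarts."""
        self.blocked.pop(port, None)
        self.events[port].clear()

def run_sample():
    # Constructed sample: (seconds, port). Port 4 bounces; port 9 has isolated events.
    sample = [(0, 4), (5, 9), (10, 4), (20, 4), (30, 4), (40, 4), (50, 4),
              (400, 9), (800, 9), (900, 4)]
    policy = FencingPolicy(threshold=5, period_s=300)
    for ts, port in sample:
        policy.record(port, ts)
    return policy

if __name__ == "__main__":
    p = run_sample()
    print(p.blocked)
    print(p.notifications)
```

In the constructed sample, the sixth event on port 4 inside 300 seconds trips the fence, while port 9 never accumulates more than one event per window and stays up.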
Edge Switch release notes