Filter
Top Products
McDATA® 4Gb SAN Switch for HP p-Class BladeSystem user guide 25
2 Managing fabrics
This section describes the following tasks that manage fabrics:
• RADIUS servers, page 25
• Securing a fabric, page 30
• Tracking fabric firmware and software versions, page 38
• Managing the fabric database, page 39
• Displaying fabric information, page 42
• Working with device information and nicknames, page 47
• Zoning a fabric, page 50
RADIUS servers
Remote Authentication Dial In User Service (RADIUS) provides a method to centralize the management of
authentication passwords in larger networks. It has a client/server model, where the server is the password
repository and third party authentication point and the clients are all of the managed devices. RADIUS can
be configured for devices and/or user accounts. The RADIUS server dialogs are available only on a secure
(SSL) fabric and on the entry switch (out of band switch). Refer to ”Connection security” on page 30 and
”System Services dialog” on page 80 for more information.
RADIUS is designed to authenticate users and devices using a challenge/response protocol. Basic
implementations consist of a central RADIUS server containing a database of authorized users as well as
authentication information. A RADIUS client wishing to verify the authenticity of a user issues a challenge
to the user and collects the response to the challenge. This information is forwarded to the RADIUS server
for authentication and the server responds with the results, either an accept or reject. The RADIUS client
does not need to be configured with any user authentication information, this all resides on the RADIUS
server and can be managed centrally and separately from the clients. In addition, no passwords are
exchanged between the RADIUS server and its clients. Authentication of requests from a RADIUS client to
the server and responses from the server to a client can also be authenticated. This requires sharing a
secret between the server and client. The accounting RADIUS supports the auditing of the users and switch
services such as Telnet, FTP, and switch management applications. The RADIUS Accounting Server enables
(True) or disables (False) the auditing of activity during a user session. The default is False. When enabled,
user activity is audited whether UserAuthServer is enabled or not. The accounting server UDP port number
is the ServerUDPPort value plus 1 (default 1813).