Filter
Top Products
3 – Planning
Fabric Security
59042-06 A 3-11
0
3.5
Fabric Security
Fabric security consists of the following:
User account security
Fabric services
3.5.1
User Account Security
User account security consists of the administration of account names,
passwords, expiration date, and authority level. If an account has Admin authority,
all management tasks can be performed by that account in both SANsurfer Switch
Manager and the Command Line Interface. Otherwise only monitoring tasks are
available. The default account name, Admin, is the only account that can
administer user accounts. Consider your management needs and determine the
number of user accounts, their authority needs, and expiration dates.
Account names and passwords are always required when connecting to a switch
through Telnet. However, SANsurfer Switch Manager does not authenticate
account names when opening a fabric unless user authentication is enabled. User
authentication is disabled by default and can be changed using the Set Setup
System command. Refer to the ”Set Setup Command” on page B-49 for more
information. User authentication must be configured the same for all switches in
the fabric. If user authentication is disabled, SANsurfer Switch Manager ignores
the account name and password entries and logs you in with the default account
name and password (admin, password). Consider your user accounts and
determine whether user authentication is necessary.
3.5.2
Fabric Services
Fabric services include security-related functions such as inband management
and SNMP. Inband management is the ability to manage switches across
inter-switch links using SANsurfer Switch Manager, SNMP, management server,
or the application programming interface. The switch comes from the factory with
inband management enabled. If you disable inband management on a particular
switch, you can no longer communicate with that switch by means other than a
direct Ethernet or serial connection.