Q-Logic 5000 Switch User Manual


 
59183-02 A 9-1
Section 9
Device Security Configuration
This section describes the following tasks:
Displaying Security Database Information
Configuring the Security Database
Modifying the Security Database
Resetting the Security Database
Managing Security Sets
Managing Groups
Device security provides for the authorization and authentication of devices that
you attach to a switch. You can configure a switch with a group of devices against
which the switch authorizes new attachments by devices, other switches, or
devices issuing management server commands.
Device security is defined through the use of security sets and groups. A group is
a list of device worldwide names that are authorized to attach to a switch. There
are three types of groups: one for other switches (ISL), another for devices (port),
and a third for devices issuing management server commands (MS). A security
set is a set of up to three groups with no more than one of each group type. The
security database is made up of all security sets on the switch.
In addition to authorization, the switch can be configured to require authentication
to validate the identity of the connecting switch, device, or host. Authentication
can be performed locally using the switch’s security database, or remotely using a
Remote Dial-In User Service (RADIUS) server such as Microsoft® RADIUS.
NOTE:
Device security requires the Fabric Security license key. To purchase a
license key, contact your authorized maintenance provider or authorized
reseller.