3 – Planning
Device Access
59021-07 A 3-13
D
3. Create an ISL group (Group_ISL) in Security_Set_1 with Switch_2 as its
member. Only Switch_2 need be a member because there is no
authentication between the switches.
4. Configure security on HBA_1 using the appropriate management tool.
Logins between the Switch_1 and HBA_1 will be challenged (CHAP) for
their respective secrets. Therefore, the secrets for Switch_1 and HBA_1 that
you configured on Switch_1 must also be configured on HBA_1.
5. Save Security_Set_1 and prepare to activate it. Activating a security set
does not affect currently logged-in ports. Therefore, to apply the security
policy that you designed in the security database, you must offline the
secured ports, activate the security set, then place the secured ports back
online.
Port Group: Group_Port
Switch_1 Node WWN: 10:00:00:c0:dd:07:e3:4c
Authentication: CHAP
Secret: 0123456789abcdef0123456789abcdef
HBA_1 Node WWN: 10:00:00:c0:dd:07:c3:4d
Authentication: CHAP
Secret: fedcba9876543210fedcba9876543210fedcba
ISL Group: Group_ISL
Switch_2
Node WWN: 10:00:00:c0:dd:07:e3:4e
Authentication: None
Binding: None