beautypg.com

Fabric authentication, In this chapter, Fabric authentication with netconf overview – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

Page 255: Chapter 17, Chapter 17, “fabric authentication

background image

Network OS NETCONF Operations Guide

223

53-1003231-02

Chapter

17

Fabric Authentication

In this chapter

Fabric authentication with NETCONF overview . . . . . . . . . . . . . . . . . . . . . . 223

Device authentication configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

Switch Connection Control policy configuration . . . . . . . . . . . . . . . . . . . . . 228

Fabric authentication with NETCONF overview

When you connect a Brocade VCS Fabric to a Fabric OS fabric, the Network OS Fibre Channel
E_Ports on the Brocade VDX 6730 connect through Interswitch links (ISLs) to EX_Ports on an FC
router, which in turn connects to the Fabric OS network

.

To ensure that no unauthorized devices

can access the fabric, Network OS provides support for security policies and protocols capable of
authenticating Network OS devices (E_Ports) to the EX_Ports on the FC router that provides access
to the SAN storage and services.

This chapter describes how to use NETCONF remote procedure calls (RPCs) to configure fabric
authentication and Switch Connection Control (SCC) policies. Refer to the Network OS
Administrator’s Guide for the following related information:

An overview of the Diffie Hellman - Challenge Handshake Authentication Protocol (DH-CHAP)

An overview of how shared secret keys are used

A overview of authentication policy configuration including details about each possible
authentication state and the transitions among them

An overview of SCC policies, including a discussion about defined and active policy sets

How to configure fabric authentication and SCC using the Network OS command line interface
(CLI)

Through the NETCONF interface, you can perform the following fabric authentication-related
operations:

Use the RPC to set authentication parameters and activate the FC-AUTH protocol.

Use the RPC to validate configuration settings.

Use the // custom action to configure shared DH-CHAP shared
secrets.

Use the // custom action to return the device (WWN) for which the
shared secret is configured.

Through the NETCONF interface, you can perform the following SCC policy-related operations:

Use the RPC to configure the SCC policy.

Use the / custom action to activate the SCC policy.

Use the RPC to verify SCC policy configuration settings.

See also other documents in the category Brocade Computer Accessories: