Configuring security profiles, Deleting a port-profile-port – Brocade Network OS Administrator’s Guide v4.1.1 User Manual
Page 334

• Without PFC.
switch(config-qos-profile)# qos flowcontrol tx on rx on
• With PFC for each CoS.
switch(config-qos-profile)# qos flowcontrol pfc 1 tx on rx on
switch(config-qos-profile)# qos flowcontrol pfc 2 tx on rx on
8. Exit QoS profile mode.
switch(config-qos-profile)# exit
9. Activate the profile.
switch(config)# port-profile vm1-port-profile activate
10.Associate the profile to the MAC address for each host.
switch(config)# port-profile vm1-port-profile static 0050.56bf.0001
switch(config)# port-profile vm1-port-profile static 0050.56bf.0002
switch(config)# port-profile vm1-port-profile static 0050.56bf.0003
switch(config)# port-profile vm1-port-profile static 0050.56bf.0004
switch(config)# port-profile vm1-port-profile static 0050.56bf.0005
Configuring security profiles
A security profile defines all the security rules needed for the server port. A typical security profile
contains attributes for MAC-based standard and extended ACLs. Security profiles are applied to the
ACLs based on the profile or PolicyID. Therefore, multiple security profiles can be applied to the same
profiled port.
To configure the security profile, perform the following steps in global configuration mode.
1. AMPP profiles cannot be modified while active. Deactivate the port-profile before modifying the
security profile.
switch(config)# no port-profile vm1-port-profile activate
2. Enter security profile configuration mode.
switch(config)# port-profile vm1-port-profile
switch(config-pp)# security-profile
switch(config-pp-security)#
3. Modify the ACL security attributes. Refer to
on page 461 for details.
4. Apply the ACL to the security profile.
switch(config-pp-security)# mac access-group vm1-acl in
5. Exit security profile configuration mode.
switch(config-pp-security)# exit
6. Activate the profile.
switch(config)# port-profile vm1-port-profile activate
7. Associate the profile to the MAC address for each host.
switch(config)# port-profile vm1-port-profile static 0050.56bf.0001
switch(config)# port-profile vm1-port-profile static 0050.56bf.0002
switch(config)# port-profile vm1-port-profile static 0050.56bf.0003
switch(config)# port-profile vm1-port-profile static 0050.56bf.0004
switch(config)# port-profile vm1-port-profile static 0050.56bf.0005
8. Activate the interface configuration mode for the interface you wish to modify.
The following example activates the mode for the 10-gigabit Ethernet interface in slot 0/port 0.
switch(config)# interface tengigabitethernet 1/0/1
9. Configure port-profile-port on the physical interface.
switch(conf-int-te-1/0/1)# port-profile-port
Deleting a port-profile-port
To delete a port-profile-port, perform the following steps in global configuration mode.
1. Activate the interface configuration mode for the interface you wish to modify.
Configuring security profiles
334
Network OS Administrator’s Guide
53-1003225-04