Security considerations for fa-pwwn – Brocade Fabric OS Administrators Guide (Supporting Fabric OS v7.3.0) User Manual
Page 453
‐
Brocade DCX, DCX-4S, and DCX 8510 family
‐
Brocade 300
‐
Brocade 5100
‐
Brocade 5300
‐
Brocade 6505
‐
Brocade 6510
‐
Brocade 6520
‐
Brocade VA-40FC
• Access Gateway platforms running Fabric OS v7.0.0 or later:
‐
Brocade 300
‐
Brocade 5100
‐
Brocade 6505
‐
Brocade 6510
Refer to the release notes for the supported Brocade HBA or adapter versions.
Configuration upload and download considerations for FA-PWWN
The configuration upload and download utilities can be used to import and export the FA-PWWN
configuration.
ATTENTION
Brocade recommends you delete all FA-PWWNs from the switch with the configuration being replaced
before you upload or download a modified configuration. This is to ensure no duplicate FA-PWWNs in
the fabric.
Security considerations for FA-PWWN
If security is a concern, ensure that only authorized users can configure FA-PWWNs. Device
authentication and DCC policies provide additional security between the switch and the server.
The FA-PWWN feature can be enabled only by authorized administrators. Thus, existing user-level
authentication and authorization mechanisms should be used to ensure only authorized users can
configure this feature.
If you are concerned about security for FA-PWWNs, you should configure device authentication. You
can use authentication at the device level to ensure security between the switch and the server. Refer
to
on page 224 for information about configuring device authentication.
You can also use the Device Connection Control (DCC) policy to ensure that only an authorized
physical server can connect to a specific switch port.
NOTE
When creating the DCC policy, use the physical device WWN and not the FA-PWWN.
Configuration upload and download considerations for FA-PWWN
Fabric OS Administrators Guide
453
53-1003130-01