beautypg.com

Security class areas, Security monitoring default settings, Security monitoring guidelines and default – Brocade Fabric Watch Administrators Guide (Supporting Fabric OS v7.3.0) User Manual

Page 50: Settings

background image

Security monitoring guidelines and default settings

The Security class monitors all attempts to breach your SAN security, helping you fine-tune your
security measures.

Security class areas

The table below lists Fabric Watch areas in the Security class and describes what each area indicates.
Although it is recommended that you leave the entire Security class in its default state (no alerts), you
can configure the Security class using the thConfig command.

Security class areas

TABLE 5

Area

Description

DCC violations (DV)

An unauthorized device attempts to log in to a secure fabric.

HTTP violations (HV)

A browser access request reaches a secure switch from an unauthorized IP
address.

Illegal commands (IV)

Commands permitted only to the primary Fibre Channel Switch (FCS) are
executed on another switch.

Incompatible security DB (ISB) Secure switches with different version stamps have been detected.

Login violations (LV)

Login violations which occur when a secure fabric detects a login failure.

Invalid certifications (IC)

Invalid security certificates have been detected.

No-FCS (NF)

The switch has lost contact with the primary FCS.

SCC violations (SV)

SCC violations which occur when an unauthorized switch tries to join a secure
fabric. The WWN of the unauthorized switch appears in the ERRLOG.

SLAP failures (FSLAP)

SLAP failures which occur when packets try to pass from a nonsecure switch to a
secure fabric.

Telnet violations (TV)

Telnet violations which occur when a Telnet connection request reaches a
secure switch from an unauthorized IP address.

TS out of sync (TS)

Time Server (TS) errors which occur when an out-of-synchronization error has
been detected.

Security monitoring default settings

Use the Security class default settings shown in the table below for area and notification configuration.
There is no reason to alter the default settings.

Security monitoring guidelines and default settings

50

Fabric Watch Administrators Guide

53-1003142-01