Controlling access at the server or storage device – HP StorageWorks 2.64 Director Switch User Manual

Configuring Zones
Embedded Web Server User Guide
Controlling Access at the Server or Storage Device
Features available at the server or storage device provide access-control
methods beyond zoning. They increase network security, differentiate between
operating systems, and prevent data loss or corruption by controlling access
between devices or between separate user groups (such as engineering or human
resources).
Server-level access control is called persistent binding. Persistent binding uses
configuration information stored on the server and is implemented through the
server’s host bus adapter (HBA) driver. The process binds a server device name to
a specific Fibre Channel storage volume or logical unit number (LUN), through a
specific HBA and storage port WWN. In essence, this feature creates a reliable
route across the fabric that sustains the small computer system interface (SCSI)
connection between a server and storage device.
For persistent binding:
■ Each server HBA is explicitly bound to a storage volume or LUN, and access
  is explicitly authorized (access is blocked by default).
■ The process is compatible with open system interconnection (OSI) standards.
  The following are transparently supported:
  — Different operating systems and applications.
  — Different storage volume managers and file systems.
  — Different fabric devices, including disk drives, tape drives, and tape
    libraries.
■ If the server is rebooted, the server-to-storage connection is automatically
  re-established.
■ The connection is bound to a storage port WWN. If the fiber-optic cable is
  disconnected from the storage port, the server-to-storage connection is
  automatically re-established when the port cable is reconnected. The
  connection is also automatically re-established if the storage port is cabled
  through a different managed product port.
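The binding behaviour listed above, modelled as an added Python example (not taken from the HP manual and not HBA driver code). The WWNs, device names, and the function names `resolve`, `apply_bindings`, and `unresolved_bindings` are constructed for illustration; the model assumes a binding is keyed on HBA WWN, storage port WWN, and LUN, and never on the switch port.

```python
from typing import NamedTuple, Optional

class Path(NamedTuple):
    hba_wwn: str       # server HBA port WWN
    storage_wwn: str   # storage port WWN
    lun: int
    switch_port: int   # managed product port the storage port is cabled to

HBA = "10:00:00:00:00:00:00:01"       # constructed sample WWNs
ARRAY_A = "50:00:00:00:00:00:00:a1"
ARRAY_B = "50:00:00:00:00:00:00:b2"

# Binding table as stored on the server (assumed layout):
# (HBA WWN, storage port WWN, LUN) -> server device name.
BINDINGS = {
    (HBA, ARRAY_A, 0): "disk0",
    (HBA, ARRAY_A, 1): "disk1",
}

def _key(p: Path):
    return (p.hba_wwn.lower(), p.storage_wwn.lower(), p.lun)

def resolve(p: Path) -> Optional[str]:
    """Return the bound device name, or None: access is blocked by default."""
    return BINDINGS.get(_key(p))

def apply_bindings(discovered):
    """Split paths seen in the fabric into mapped devices and blocked paths."""
    mapped, blocked = {}, []
    for p in discovered:
        name = resolve(p)
        if name is None:
            blocked.append(p)   # visible through zoning, but never bound
        else:
            mapped[name] = p
    return mapped, blocked

def unresolved_bindings(discovered):
    """Bound devices with no matching path, e.g. while a cable is unplugged."""
    seen = {_key(p) for p in discovered}
    return sorted(n for k, n in BINDINGS.items() if k not in seen)

# Constructed fabric scan: ARRAY_B is reachable but has no binding.
SCAN = [Path(HBA, ARRAY_A, 0, 4), Path(HBA, ARRAY_A, 1, 4), Path(HBA, ARRAY_B, 0, 9)]
# Same storage ports cabled through a different managed product port.
RECABLED = [p._replace(switch_port=12) for p in SCAN]
```

Comparing the blocked list from `apply_bindings` against what zoning is expected to expose is a quick audit for LUNs that are reachable in the fabric but should never be mounted by this server.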
Access can also be controlled at the storage device as an addition or enhancement
to redundant array of independent disks (RAID) controller software. Data access
is controlled within the storage device, and server HBA access to each LUN is
explicitly limited (access is blocked by default). Storage-level access control:
■ Provides control at the storage port and LUN level, and does not require
  configuration at the server.