Configuring standard security features, Secure protocols, Table 4 secure protocol support – HP StorageWorks 2.128 SAN Director Switch User Manual
Page 39: Table 5 items needed to deploy secure protocols, 3 configuring standard security features, 4 secure protocol support, 5 items needed to deploy secure protocols, 3configuring standard security features
Fabric OS 5.x administrator guide
39
3
Configuring standard security features
This chapter provides information and procedures for configuring standard Fabric OS security features
such as account and password management.
Additional security features are available when secure mode is enabled. For information about licensed
security features available in Secure Fabric OS, see the HP StorageWorks Secure Fabric OS administrator
guide.
Secure protocols
Fabric OS supports the secure protocols shown in
,
SNMP is a standard method for monitoring and managing network devices. Using SNMP components,
you can program tools to view, browse, and manipulate HP StorageWorks switch variables and set up
enterprise-level management processes.
Every HP StorageWorks switch carries an SNMP agent and Management Information Base (MIB). The
agent accesses MIB information about a device and makes it available to a network manager station. You
can manipulate information of your choice by trapping MIB elements using the Fabric OS CLI, Advanced
Web Tools, or Fabric Manager.
The SNMP Access Control List (ACL) provides a way for you to restrict SNMP get and set operations to
certain hosts and IP addresses. This is used for enhanced management security in the SAN.
For details on HP StorageWorks MIB files, naming conventions, loading instructions, and information
about using the HP SNMP agent, see the HP StorageWorks Fabric OS 5.x MIB reference guide.
describes additional software or certificates that you must obtain to deploy secure protocols.
The security protocols are designed with the four main usage cases described in
Table 4
Secure protocol support
Protocol
Description
Secure Sockets Layer (SSL)
Supports SSLv3, 128-bit encryption by default. Fabric OS uses SSL to support
HTTPS. A certificate must be generated and installed on each switch to enable
SSL.
HTTPS
Advanced Web Tools supports the use of HTTPS.
Secure File Copy (scp)
Configuration upload and download support the use of scp.
SNMPv3
SNMPv1 is also supported.
Table 5
Items needed to deploy secure protocols
Protocol
Host side
Switch side
Secure telnet (sectelnet)
Sectelnet client
License not required, but a switch certificate
issued by HP is required
Secure Shell (SSH)
SSH client
None
HTTPS
No requirement on host
side except a browser that
supports HTTPS
Switch IP certificate for SSL
Secure File Copy (scp)
SSH daemon, scp server
None
SNMPv3, SNMPv1
None
None