
Managing fabrics, RADIUS servers – HP McDATA 4Gb SAN Switch for HP BladeSystem p-Class User Manual


McDATA® 4Gb SAN Switch for HP p-Class BladeSystem user guide

2 Managing fabrics

This section describes the following tasks that manage fabrics:

• RADIUS servers
• Securing a fabric
• Tracking fabric firmware and software versions
• Managing the fabric database
• Displaying fabric information
• Working with device information and nicknames
• Zoning a fabric

RADIUS servers

Remote Authentication Dial In User Service (RADIUS) provides a method to centralize the management of authentication passwords in larger networks. It has a client/server model, where the server is the password repository and third-party authentication point and the clients are all of the managed devices. RADIUS can be configured for devices and/or user accounts. The RADIUS server dialogs are available only on a secure (SSL) fabric and on the entry switch (out-of-band switch). Refer to “Connection security” on page 30 and “System Services dialog” on page 80 for more information.

RADIUS is designed to authenticate users and devices using a challenge/response protocol. Basic implementations consist of a central RADIUS server containing a database of authorized users as well as authentication information. A RADIUS client wishing to verify the authenticity of a user issues a challenge to the user and collects the response to the challenge. This information is forwarded to the RADIUS server for authentication, and the server responds with the result, either an accept or a reject. The RADIUS client does not need to be configured with any user authentication information; this all resides on the RADIUS server and can be managed centrally and separately from the clients. In addition, no passwords are exchanged between the RADIUS server and its clients. Requests from a RADIUS client to the server and responses from the server to a client can also be authenticated. This requires sharing a secret between the server and client.

RADIUS accounting supports the auditing of users and switch services such as Telnet, FTP, and switch management applications. The RADIUS Accounting Server enables (True) or disables (False) the auditing of activity during a user session. The default is False. When enabled, user activity is audited whether UserAuthServer is enabled or not. The accounting server UDP port number is the ServerUDPPort value plus 1 (default 1813).
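The shared-secret authentication of server responses mentioned above can be checked on the client side as in the following added example, which is not part of the HP manual or the switch firmware. It follows the Response Authenticator calculation in RFC 2865; the secret, identifier and packets are constructed sample values.

```python
import hashlib
import hmac
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RFC 2865 packet codes

def attr(attr_type: int, value: bytes) -> bytes:
    """Encode one RADIUS attribute as Type, Length, Value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def build_request(ident: int, request_auth: bytes, attrs: bytes) -> bytes:
    """Access-Request: Code, Identifier, Length, 16-byte Request Authenticator."""
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + request_auth + attrs

def response_authenticator(code, ident, attrs, request_auth, secret) -> bytes:
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret), RFC 2865 section 3."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def build_response(code, ident, attrs, request_auth, secret) -> bytes:
    """Reply as a server holding the secret would form it (used here to make test data)."""
    auth = response_authenticator(code, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def verify_response(packet: bytes, request: bytes, secret: bytes) -> bool:
    """Accept a reply only if it matches our request's ID and authenticator."""
    if len(packet) < 20 or len(request) < 20:
        return False
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet) or ident != request[1]:
        return False
    packet = packet[:length]  # octets beyond Length are padding and ignored
    expected = response_authenticator(code, ident, packet[20:], request[4:20], secret)
    return hmac.compare_digest(expected, packet[4:20])

# Constructed sample data (a real client draws the Request Authenticator from a CSPRNG).
SECRET = b"constructed-shared-secret"
REQ_AUTH = bytes(range(16))
REQUEST = build_request(7, REQ_AUTH, attr(1, b"admin"))  # attribute 1 = User-Name
GOOD = build_response(ACCESS_ACCEPT, 7, b"", REQ_AUTH, SECRET)
FORGED = build_response(ACCESS_ACCEPT, 7, b"", REQ_AUTH, b"wrong-secret")
REJECT = build_response(ACCESS_REJECT, 7, b"", REQ_AUTH, SECRET)
TAMPERED = bytes([ACCESS_ACCEPT]) + REJECT[1:]  # Reject rewritten to Accept in transit

if __name__ == "__main__":
    for name, pkt in [("good", GOOD), ("forged", FORGED), ("tampered", TAMPERED)]:
        print(name, verify_response(pkt, REQUEST, SECRET))
```

A reply built without the secret, or one whose code was altered after the server computed the authenticator, fails the comparison and is discarded.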