beautypg.com

Prohibiting all hosts from accessing volumes, Security example 2 – HP STORAGEWORKS XP24000 User Manual

Page 11

background image

Figure 2 Security Example 2

If no ports are registered in a host group, hosts in the host group can access volumes via ports to
which the hosts are connected.

This manual uses the term port-level security, which is a security policy for enabling hosts to access
volumes only via ports registered in host groups and thus prohibiting hosts to access the volumes via
other ports.

CAUTION:

Before you apply security, you should confirm what hosts are performing I/O operations on volumes
in access groups. If any hosts perform I/O operations on volumes in access groups that the hosts do
not belong to, you will need to stop the I/O operations before you apply security. For example, if
you attempt to apply security settings illustrated in

Figure 2

, an error occurs and the attempt fails if

host4 and host5 are performing I/O operations on ldev1. To apply the security settings, you will need
to ensure that

host4 and host5 are not performing I/O operations on ldev1.

Prohibiting All Hosts from Accessing Volumes

To prevent all the mainframe hosts from accessing volumes, you must register the volumes in a pool
group
(Note that you do not need to register hosts in pool groups). For example, if you register two

XP24000/XP20000 Volume Security User's Guide

11

This manual is related to the following products: