![HP StorageWorks 4000/6000/8000 - Enterprise Virtual Arrays Скачать руководство пользователя страница 411](http://html.mh-extra.com/html/hp/storageworks-4000-6000-8000-enterprise-virtual-arrays/storageworks-4000-6000-8000-enterprise-virtual-arrays_reference-manual_156108411.webp)
Hardware requirements
You can use either the Encryption SAN Switch or the Encryption FC Blade for data encryption as part
of the B-series Encryption Switch security platform.
Supported security components
B-series Encryption Switch security platform supports the following software components:
•
Encryption
•
Frame filtering
•
Advanced Zoning
•
WebTools
•
Enhanced Group Management
The B-series Encryption Switch security platform supports the following optional software components:
•
Encryption SAN Switch Power Pack+ Software Bundle (optional)
•
Adaptive Networking
•
Fabric Watch
•
Advanced Performance Monitor
•
Extended Fabrics
•
ISL Trunking
•
Integrated Routing
•
Data Center Fabric Manager Enterprise
B-series Fabric OS security
This section describes the B-series Fabric OS security features for resource protection, data protection,
and security validation.
Resource protection
This section describes the B-series Fabric OS resource protection features.
User management
Fabric OS provides two options for authenticating users:
•
Remote RADIUS services
—Users are managed by a remote RADIUS server. All switches in the
fabric can be configured to authenticate against this centralized database.
•
Local user database
—Users are managed by a local database, which is synchronized manually
using the
distribute
command. This command pushes a copy of the switch's database to all
other Fabric OS 5.3.0 (or later) switches in the fabric.
Fabric OS uses RBAC to determine which commands are supported for each user.
Secure Shell
Fabric OS supports SSH encrypted sessions to ensure security. SSH encrypts all messages, including
client transmission of passwords during login. SSH includes a daemon (
sshd
), which runs on the
switch and supports many encryption algorithms, such as Blowfish-CBC and AES.
Commands that require a secure login channel must be issued from an original SSH session. Nested
SSH sessions will reject commands that require a secure channel.
SAN Design Reference Guide
411
Содержание StorageWorks 4000/6000/8000 - Enterprise Virtual Arrays
Страница 26: ......
Страница 34: ...SAN design overview 34 ...
Страница 60: ...SAN fabric topologies 60 ...
Страница 80: ...Fibre Channel routing 80 ...
Страница 82: ......
Страница 92: ...H series switches and fabric rules 92 ...
Страница 156: ...C series switches and fabric rules 156 ...
Страница 182: ...SAN fabric connectivity and switch interoperability rules 182 ...
Страница 184: ......
Страница 270: ...XP and VA storage system rules 270 ...
Страница 276: ...Enterprise Backup Solution 276 ...
Страница 278: ......
Страница 354: ...SAN extension 354 ...
Страница 398: ...Network Attached Storage 398 ...
Страница 400: ......
Страница 416: ...Storage security 416 ...
Страница 428: ...Best practices 428 ...
Страница 456: ...456 ...