04-16-2010 04:49 AM
Could someone explain the affects of activating "High Integrity Fabric" in an all FOS with 6.2.0e version switches? We were going to attemtp to strengthen our overall SAN security by enabling the security feature but decided against it when we saw that it would disruptive I/O. How long does it disrupt I/O?
04-16-2010 05:29 AM
Is it a FICON config or Bseries
About FICON :
Fibre Channel supports a variety of “upper-layer protocols” such as FICON
used in IBM System z environments. Brocade has partnered with IBM to create high-integrity fabric characteristics for System z environments, including:
FICON mgmnt server
System Z mainframe innovations
To Configure a high integrity fabric (cascaded configuration):
1.Disable each SW in the fabric
2. For each SW:enable the IDID flag & Set the domain ID
3. Enable the SWs; this builds the fabric
4. configure the SCC policy on each SWs in the selected fabric
5. SAve or activate the new policy
6. Enable ACL FWC policy and enforce a strict SCC policy
7. Connect and enable channel and CU devices .The QSA response to the channel indicates that the fabric binding and IDID are enabled
The DCFM High Integrity Fabric (HIF) mode option automatically enables features and operating parameters
that are necessary in multiswitch Enterprise Fabric environments. When HIF is enabled, each switch in the
fabric automatically enforces a number of security-related features including Fabric Binding, Switch Binding,
Insistent Domain IDs, and Domain Register for State Change Notifications (RSCNs).
For Pure Fabric OS fabrics, HIF activates the Switch Connection Control (SCC) policy, sets Insistent Domain ID,
and sets the Fabric Wide Consistency Policy (FWCP) for SCC to strict mode.
For mixed Fabric OS and M-EOS fabrics:
• For Fabric OS switches, HIF activates the SCC policy, sets Insistent Domain ID, and sets the FWCP for SCC
in tolerant mode
• For M-EOS switches, HIF activates Enterprise Fabric Mode, Fabric Binding, Switch Binding, Insistent
Did you configure HIF according to the above mentioned steps.
I/O is disruptive unless until the policies are implemented.you should click yes. It is better to take the downtime and configure the same.
If you find this correct , then click the correct pls
04-16-2010 05:58 AM
It's a pure Fiber Channel environment.
I have gone over those same instructions that you've sent but it doesn't detail the outage associated with the change. I just need to know details about the disruption. Thanks,