Fibre Channel (SAN)

Reply
New Contributor
Posts: 4
Registered: ‎01-25-2012

NPIV and DCC policies

We are planning implementing DCC policies. We have NPIV ports (multiple vitrual WWN in a single physical port) and

we want to know if they are supported with DCC policies. For example we make a single policy with all vitrual

WWN and the switch port.

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: NPIV and DCC policies

Firts off I wouldn't do this because of the administration required to keep the fabric running smoothly and because off added complexity during troubleshooting. That said there's no restriction on DCC's with regards to NPIV. A device merly has to have a pwwn to be added to the policy.

Refer to the admin guide for your FOS the get the details on security policies.

New Contributor
Posts: 4
Registered: ‎01-25-2012

Re: NPIV and DCC policies

If DCC policies are not recommended with NPIVs what is suggested in order to prevent WWN spoofing (for NPIV ports)?

Regular Contributor
Posts: 201
Registered: ‎11-24-2009

Re: NPIV and DCC policies

Hi nikos.ioannou,

Access Gateway uses ADS (Advanced Device Security) policy instead.

Please refer to Access Gateway Administration Guide (53-1001760-01), section "Managing Policies and Features in Access Gateway Mode" for details.

Hope this helps,

Linar

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: NPIV and DCC policies

I didn't ment it is not recommended, i expressed my opinion that I would not do DCC.

New Contributor
Posts: 4
Registered: ‎01-25-2012

Re: NPIV and DCC policies

According to the following discussion I though that there is a problem with DCC policies (due to FDISC instead of FLOGI) when multiple virtual WWNs (NPIVs) share the same switch port.

http://community.brocade.com/message/15276

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: NPIV and DCC policies

A thru, forgot about that which is a bid odd because that was my own answer.

But anywho that was a year ago, perhaps FOS can deal with this in the present.

So try/test it and should it indeed work let us know

New Contributor
Posts: 4
Registered: ‎01-25-2012

Re: NPIV and DCC policies

OK thanks. Thank you Linar for your suggestion.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook