Brocade Secure Fabric OS introduced the notion of a "secure mode" in the fabric. Secure mode provides mandatory enforcement of a set of security mechanisms considered desirable for fabric-wide properties, such as SCC policies, and for fabric-wide password distribution in environments that do not use RADIUS authentication, authorization, and accounting (AAA) service.
However, Secure Fabric OS fabric-wide enforcement may be too inflexible and the propagation of configuration changes too wide-ranging and implicit for some users. For this reason, Brocade is introducing a new model with the following characteristics: More granular, explicit control over the switch and fabric-wide configuration changes to a fabric A fabric-wide distribution enforcement mechanism that accommodates mixed Fabric OS version environments in which updates to a fabric can be performed incrementally
The first phase delivers advanced security features in the standard Fabric OS in version 5.2.0, including: Delivering selected security policy enforcement via access control lists (ACLs), without requiring a secure mode on the fabric
You upload a configuration file from the primary FCS switch in a secure fabric, edit the file manually, and then download the edited file. Or you can upload a configuration file from the primary FCS switch in a secure fabric, use this script to delete policies that are unnecessary for ACLs in Fabric OS 5.2.0, and then download the file
Operating System Not Applicable
Interface Not Applicable
Fabric Operating System Fabric OS v5.2.0
NOTES (INCLUDING LIMITATIONS)
In order to migrate to use the security features in standard Fabric OS, you must have Fabric OS 5.2.0 installed in the fabric VLAN (8021.q and ISL 802.1p).
NOTE: Fabric OS 5.2.0 provides SCC and DCC policies stored in a local database; however, SCC and DCC policies in Secure Fabric OS and in Fabric OS are not interchangeable. If you have security enabled in the fabric via Secure Fabric OS, you must disable it before you can use the ACL policies in Fabric OS.
For more about ACLs and Fabric OS, see "Configuring Advanced Security" in the Fabric OS Administrator's Guide for version 5.2.0.
NOTE: This contribution was migrated by Brocade from the former Brocade Connect community on March 13, 2008, on behalf of the author.