Broadcom Brocade Network Advisor SAN User , 14.4.2 User guide

Supporting Brocade Network Advisor 14.4.2

USER GUIDE

Brocade Network Advisor SAN User Manual,

14.4.2

53-1005406-01

06 April 2018

Copyright

©

Communications Systems LLC. Broadcom, the pulse logo, and Connecting everything are among the trademarks of Broadcom. The term "Broadcom"

refers to Broadcom Inc. and/or its subsidiaries.

Brocade, a Broadcom Inc. Company, reserves the right to make changes without further notice to any products or data herein to improve reliability,

function, or design. Information furnished by Brocade is believed to be accurate and reliable. However, Brocade does not assume any liability arising out of

the application or use of this information, nor the application or use of any product or circuit described herein, neither does it convey any license under its

patent rights nor the rights of others.

The product described by this document may contain open source software covered by the GNU General Public License or other open source license

agreements. To nd out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and

obtain a copy of the programming source code, please visit http://www.broadcom.com/support/bre-channel-networking/tools/oscd.

Brocade Network Advisor SAN User Manual, 14.4.2

2 53-1005406-01

Contents

About This Document..................................................................................................................................................................................................... 39

Supported hardware and software...................................................................................................................................................................................................39

Fabric OS hardware and software support..........................................................................................................................................................................39

HBA hardware and software support.................................................................................................................................................................................... 42

Getting technical help............................................................................................................................................................................................................................43

What's new in this document............................................................................................................................................................................................................. 43

Document conventions.........................................................................................................................................................................................................................44

Notes, cautions, and warnings..................................................................................................................................................................................................44

Text formatting conventions......................................................................................................................................................................................................44

Command syntax conventions.................................................................................................................................................................................................45

Document feedback.............................................................................................................................................................................................................................. 45

Getting Started..................................................................................................................................................................................................................47

User interface components.................................................................................................................................................................................................................47

Management server and client.......................................................................................................................................................................................................... 48

Logging in to a server from the server machine...............................................................................................................................................................48

Launching a remote client..........................................................................................................................................................................................................49

Clearing previous versions of the remote client................................................................................................................................................................50

Logging in to the web client...................................................................................................................................................................................................... 51

Launching the Conguration Wizard..................................................................................................................................................................................... 52

Viewing active sessions...............................................................................................................................................................................................................56

Disconnecting users.....................................................................................................................................................................................................................56

Viewing server properties...........................................................................................................................................................................................................57

Viewing port status........................................................................................................................................................................................................................58

Management server and client ports.....................................................................................................................................................................................59

Accessibility features for the Management application ..........................................................................................................................................................63

Keyboard shortcuts....................................................................................................................................................................................................................... 63

Look and feel customization.....................................................................................................................................................................................................64

Product improvement .......................................................................................................................................................................................................................... 66

Enabling product improvement data transfer.....................................................................................................................................................................67

Disabling product improvement data transfer................................................................................................................................................................... 67

Data transfer ................................................................................................................................................................................................................................... 67

PostgreSQL database...........................................................................................................................................................................................................................68

Connecting to the database using pgAdmin III ................................................................................................................................................................68

Connecting to the database using the ODBC client (Windows systems).............................................................................................................. 69

Connecting to the database using the ODBC client (Linux systems)......................................................................................................................70

Changing the database user password................................................................................................................................................................................ 72

Supported open source software and third-party software products............................................................................................................................... 73

SAN feature-to-rmware requirements.........................................................................................................................................................................................73

Patches............................................................................................................................................................................................................................... 75

Installing a patch......................................................................................................................................................................................................................................75

Uninstalling a patch................................................................................................................................................................................................................................76

Discovery............................................................................................................................................................................................................................79

SAN discovery overview...................................................................................................................................................................................................................... 79

Enabling or disabling auto enclosure.....................................................................................................................................................................................80

FCS policy and seed switches................................................................................................................................................................................................. 80

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 3

Backbone Chassis discovery requirements........................................................................................................................................................................80

Discovering fabrics........................................................................................................................................................................................................................81

Editing the password for multiple devices...........................................................................................................................................................................86

Conguring SNMP credentials................................................................................................................................................................................................ 88

Reverting to a default SNMP community string...............................................................................................................................................................90

Rediscovering a fabric..................................................................................................................................................................................................................90

Removing a fabric from active discovery.............................................................................................................................................................................90

Rediscovering a previously discovered fabric ...................................................................................................................................................................91

Deleting a fabric..............................................................................................................................................................................................................................91

DCB discovery......................................................................................................................................................................................................................................... 91

DCB discovery from the SAN tab.......................................................................................................................................................................................... 91

SAN Seed switch ................................................................................................................................................................................................................................... 92

Seed switch requirements..........................................................................................................................................................................................................93

Access Gateway as a seed switch...........................................................................................................................................................................................93

Seed switch failover...................................................................................................................................................................................................................... 94

Changing the seed switch.......................................................................................................................................................................................................... 94

Viewing the fabric discovery state....................................................................................................................................................................................................95

Troubleshooting fabric discovery......................................................................................................................................................................................................95

Managed count exceeded troubleshooting........................................................................................................................................................................ 96

Virtual Fabric discovery troubleshooting..............................................................................................................................................................................97

Device RADIUS authentication troubleshooting...............................................................................................................................................................98

SAN Fabric monitoring.........................................................................................................................................................................................................................98

Stop monitoring of discovered fabrics..................................................................................................................................................................................99

Stop monitoring of discovered switches..............................................................................................................................................................................99

Resume monitoring of discovered fabrics ......................................................................................................................................................................101

Resume monitoring of discovered switches................................................................................................................................................................... 101

Host discovery ..................................................................................................................................................................................................................................... 102

CIM and WMI host discovery requirements....................................................................................................................................................................102

Discovering Hosts by network address or host name................................................................................................................................................ 103

Importing Hosts from a CSV le..........................................................................................................................................................................................105

Importing Hosts from a fabric...............................................................................................................................................................................................107

Importing Hosts from a VM Manager................................................................................................................................................................................109

Editing host adapter credentials........................................................................................................................................................................................... 111

Removing a host from active discovery............................................................................................................................................................................113

Rediscovering a host to active discovery..........................................................................................................................................................................113

Rediscovering a previously discovered host ..................................................................................................................................................................113

Deleting a host from discovery.............................................................................................................................................................................................114

Viewing the host discovery state..........................................................................................................................................................................................114

Troubleshooting host discovery............................................................................................................................................................................................116

VM Manager discovery..................................................................................................................................................................................................................... 116

VM Manager discovery requirements................................................................................................................................................................................116

Discovering a VM manager....................................................................................................................................................................................................116

Editing a VM manager..............................................................................................................................................................................................................118

Excluding a host from VM manager discovery..............................................................................................................................................................119

Including a host in VM manager discovery......................................................................................................................................................................120

Removing a VM manager from active discovery..........................................................................................................................................................120

Rediscovering a previously discovered VM manager................................................................................................................................................. 120

Deleting a VM manager from discovery...........................................................................................................................................................................120

Viewing the VM manager discovery state........................................................................................................................................................................121

Troubleshooting VM manager discovery..........................................................................................................................................................................121

Brocade Network Advisor SAN User Manual, 14.4.2

4 53-1005406-01

Application Conguration............................................................................................................................................................................................ 123

Congurable preferences..................................................................................................................................................................................................................123

Server Data backup.............................................................................................................................................................................................................................124

What is backed up?....................................................................................................................................................................................................................125

Management server backup.................................................................................................................................................................................................. 125

Conguring backup....................................................................................................................................................................................................................125

Enabling backup..........................................................................................................................................................................................................................128

Disabling backup........................................................................................................................................................................................................................ 128

Viewing the backup status...................................................................................................................................................................................................... 128

Changing the backup interval................................................................................................................................................................................................ 128

Starting immediate backup.....................................................................................................................................................................................................129

Reviewing backup events........................................................................................................................................................................................................129

Server Data restore..............................................................................................................................................................................................................................130

Restoring data.............................................................................................................................................................................................................................. 130

Restoring data to a new server..............................................................................................................................................................................................131

SAN data collection ............................................................................................................................................................................................................................131

Product communication protocols............................................................................................................................................................................................... 133

OUI mapping settings........................................................................................................................................................................................................................135

Importing the OUI le............................................................................................................................................................................................................... 135

Editing the product type...........................................................................................................................................................................................................136

SAN display settings...........................................................................................................................................................................................................................137

Setting your FICON display................................................................................................................................................................................................... 137

Resetting your display...............................................................................................................................................................................................................139

SAN End node display.......................................................................................................................................................................................................................139

Displaying end nodes............................................................................................................................................................................................................... 140

SAN Ethernet loss events.................................................................................................................................................................................................................140

Enabling SAN Ethernet loss events.................................................................................................................................................................................... 140

Disabling SAN Ethernet loss events...................................................................................................................................................................................141

Event storage settings........................................................................................................................................................................................................................141

Conguring event storage.......................................................................................................................................................................................................141

Storing historical events purged from repository.......................................................................................................................................................... 142

Flyover settings ....................................................................................................................................................................................................................................143

Conguring yovers...................................................................................................................................................................................................................143

Turning yovers on or o.........................................................................................................................................................................................................147

Viewing yovers.......................................................................................................................................................................................................................... 147

Name settings....................................................................................................................................................................................................................................... 147

Setting names to be unique................................................................................................................................................................................................... 148

Setting names to be non-unique......................................................................................................................................................................................... 148

Fixing duplicate names.............................................................................................................................................................................................................148

Viewing names............................................................................................................................................................................................................................ 150

Adding a name to an existing device..................................................................................................................................................................................151

Adding a name to a new device............................................................................................................................................................................................152

Applying a name to a detached WWN.............................................................................................................................................................................. 152

Removing a name from a device.........................................................................................................................................................................................153

Editing names.............................................................................................................................................................................................................................. 153

Exporting names.........................................................................................................................................................................................................................153

Importing Names........................................................................................................................................................................................................................154

Searching for a device by name........................................................................................................................................................................................... 154

Searching for a device by WWN...........................................................................................................................................................................................155

Miscellaneous security settings......................................................................................................................................................................................................155

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 5

Conguring the server name................................................................................................................................................................................................. 155

Enforcing MD5 le during import........................................................................................................................................................................................156

Conguring login security....................................................................................................................................................................................................... 157

Conguring the login banner display..................................................................................................................................................................................157

Disabling the login banner .....................................................................................................................................................................................................157

Syslog Registration settings............................................................................................................................................................................................................ 158

Registering a server as a Syslog recipient automatically............................................................................................................................................158

Conguring the Syslog listing port number.....................................................................................................................................................................158

SNMP Trap Registration settings..................................................................................................................................................................................................159

Registering a server as a SNMP trap recipient automatically.................................................................................................................................. 159

Conguring the SNMP trap listing port number............................................................................................................................................................159

SNMP Trap forwarding credential settings................................................................................................................................................................................159

Conguring SNMP v1 and v2c credentials.....................................................................................................................................................................160

Conguring SNMP v3 credentials.......................................................................................................................................................................................160

Software Conguration...................................................................................................................................................................................................................... 161

Certicates.....................................................................................................................................................................................................................................161

Client export port settings.......................................................................................................................................................................................................169

Client/Server IP........................................................................................................................................................................................................................... 170

Memory allocation settings.................................................................................................................................................................................................... 175

Product communication settings......................................................................................................................................................................................... 179

FTP/SCP/SFTP server settings.......................................................................................................................................................................................... 181

Server port settings....................................................................................................................................................................................................................187

Support mode settings.............................................................................................................................................................................................................188

FIPS Support.........................................................................................................................................................................................................................................191

Fabric tracking.......................................................................................................................................................................................................................................191

Enabling fabric tracking............................................................................................................................................................................................................192

Disabling fabric tracking...........................................................................................................................................................................................................192

Accepting changes for a fabric..............................................................................................................................................................................................193

Accepting changes for all fabrics......................................................................................................................................................................................... 194

Accepting changes for a switch, access gateway, or phantom domain...............................................................................................................195

User Account Management.........................................................................................................................................................................................197

Users overview......................................................................................................................................................................................................................................197

Conguration requirements....................................................................................................................................................................................................197

Viewing congured users........................................................................................................................................................................................................197

User accounts........................................................................................................................................................................................................................................200

Creating a new user account..................................................................................................................................................................................................200

Editing a user account.............................................................................................................................................................................................................. 202

Copying a user account............................................................................................................................................................................................................202

Copying and pasting user preferences.............................................................................................................................................................................. 203

Exporting a user account.........................................................................................................................................................................................................203

Importing a user account.........................................................................................................................................................................................................204

Assigning roles and areas of responsibility to a user account................................................................................................................................. 204

Removing roles and areas of responsibility from a user account...........................................................................................................................205

Disabling a user account..........................................................................................................................................................................................................205

Enabling a user account...........................................................................................................................................................................................................205

Deleting a user account............................................................................................................................................................................................................206

Unlocking a user account........................................................................................................................................................................................................206

Roles..........................................................................................................................................................................................................................................................206

Creating a new role.....................................................................................................................................................................................................................206

Editing a role................................................................................................................................................................................................................................. 207

Brocade Network Advisor SAN User Manual, 14.4.2

6 53-1005406-01

Copying a role.............................................................................................................................................................................................................................. 208

Deleting a role.............................................................................................................................................................................................................................. 208

Adding privileges to a role.......................................................................................................................................................................................................208

Removing privileges from a role.......................................................................................................................................................................................... 209

Areas of responsibility .......................................................................................................................................................................................................................209

Creating an AOR.........................................................................................................................................................................................................................210

Editing an AOR............................................................................................................................................................................................................................211

Copying an AOR ........................................................................................................................................................................................................................211

Deleting an AOR.........................................................................................................................................................................................................................212

Assigning products to an AOR............................................................................................................................................................................................. 212

Removing products from an AOR.......................................................................................................................................................................................212

Password policies................................................................................................................................................................................................................................ 213

Conguring a password policy..............................................................................................................................................................................................213

Viewing password policy violators.......................................................................................................................................................................................216

User proles........................................................................................................................................................................................................................................... 216

Viewing your user prole......................................................................................................................................................................................................... 217

Editing your user prole ..........................................................................................................................................................................................................217

Changing your password.........................................................................................................................................................................................................218

Viewing your password policy...............................................................................................................................................................................................218

Resetting optional messages.................................................................................................................................................................................................219

Conguring e-mail notication ............................................................................................................................................................................................ 219

Fabric Insight Portal ..................................................................................................................................................................................................... 221

Fabric Insight Portal overview.........................................................................................................................................................................................................221

Licenses ........................................................................................................................................................................................................................................ 221

Prerequisites................................................................................................................................................................................................................................. 221

Viewing the Fabric Insight Portal logs................................................................................................................................................................................223

Opening the Management application.............................................................................................................................................................................. 224

Global Filter...................................................................................................................................................................................................................................226

Logging o the Fabric Insight Portal.................................................................................................................................................................................. 227

Dashboard...............................................................................................................................................................................................................................................227

Dashboard overview..................................................................................................................................................................................................................227

Default dashboard templates.................................................................................................................................................................................................238

SAN Port Health widgets........................................................................................................................................................................................................ 239

Performance widgets................................................................................................................................................................................................................256

Events....................................................................................................................................................................................................................................................... 258

Events overview...........................................................................................................................................................................................................................258

Viewing event details.................................................................................................................................................................................................................260

Refreshing the Events page....................................................................................................................................................................................................261

Displaying events by severity.................................................................................................................................................................................................262

Setting the network scope.......................................................................................................................................................................................................262

Setting the time interval............................................................................................................................................................................................................263

Inventory overview...............................................................................................................................................................................................................................264

Fabric summary view................................................................................................................................................................................................................265

Port Summary View.................................................................................................................................................................................................................. 272

Dashboard Management..............................................................................................................................................................................................281

Dashboard overview........................................................................................................................................................................................................................... 281

Dashboard toolbar......................................................................................................................................................................................................................282

Dashboard messages...............................................................................................................................................................................................................283

Dashboards expand navigation bar.....................................................................................................................................................................................283

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 7

General dashboard functions ............................................................................................................................................................................................... 285

Dashboard Privileges................................................................................................................................................................................................................285

Accessing a dashboard............................................................................................................................................................................................................285

Filtering the dashboards list................................................................................................................................................................................................... 286

Creating a user-dened dashboard.................................................................................................................................................................................... 286

Editing a user-dened dashboard....................................................................................................................................................................................... 287

Deleting a user-dened dashboard.....................................................................................................................................................................................287

Sharing a user-dened dashboard denition..................................................................................................................................................................287

Unsharing a user-dened dashboard denition............................................................................................................................................................ 287

Exporting a user-dened dashboard denition..............................................................................................................................................................288

Importing a user-dened dashboard denition............................................................................................................................................................. 288

Setting the dashboard display...............................................................................................................................................................................................288

Customizing the dashboard widgets and monitors .................................................................................................................................................... 289

Exporting the dashboard display..........................................................................................................................................................................................290

Attaching and detaching the Dashboard tab...................................................................................................................................................................290

Customizing the dashboard scope......................................................................................................................................................................................291

Setting the network scope.......................................................................................................................................................................................................291

Creating a customized network scope...............................................................................................................................................................................292

Editing a user-dened network scope............................................................................................................................................................................... 294

Deleting a user-dened network scope............................................................................................................................................................................ 294

Setting the time scope..............................................................................................................................................................................................................295

Dashboard playback..................................................................................................................................................................................................................296

Default dashboards.............................................................................................................................................................................................................................297

Campus dashboard................................................................................................................................................................................................................... 297

Editing a precongured performance monitor............................................................................................................................................................... 306

Product Status and Trac dashboard................................................................................................................................................................................307

SAN Ports Health.......................................................................................................................................................................................................................319

Storage Port Health...................................................................................................................................................................................................................330

WAN Vision dashboard............................................................................................................................................................................................................341

Monitoring and Alerting Policy Suite / Fabric Watch widgets........................................................................................................................................... 353

Out of Range Violations widget............................................................................................................................................................................................353

Port Health Violations widget................................................................................................................................................................................................ 355

Performance monitors.......................................................................................................................................................................................................................357

Displaying performance monitors on the dashboard..................................................................................................................................................358

Top FCoE Port Alignment Errors monitor........................................................................................................................................................................359

Top IP Port Alignment Errors monitors.............................................................................................................................................................................359

Top Port C3 Discards monitor..............................................................................................................................................................................................360

Top Port C3 Discards RX TO monitor...............................................................................................................................................................................361

Top Port CRC Errors monitor................................................................................................................................................................................................362

Top Port Encode Error Out monitor................................................................................................................................................................................... 364

Top Port PCS Block Errors monitor................................................................................................................................................................................... 365

Top Port Link Failures monitor..............................................................................................................................................................................................366

Top Port Link Resets monitor............................................................................................................................................................................................... 367

Top Port Overow Errors monitor....................................................................................................................................................................................... 368

Top Port Receive EOF monitor............................................................................................................................................................................................ 369

Top Port Runtime Errors monitor........................................................................................................................................................................................ 369

Top Port Sync Losses monitor............................................................................................................................................................................................. 370

Top Port Too Long Errors monitor......................................................................................................................................................................................371

Top Port Trac monitor...........................................................................................................................................................................................................372

Top Port Underow Errors monitor.....................................................................................................................................................................................373

Brocade Network Advisor SAN User Manual, 14.4.2

8 53-1005406-01

Top Port Utilization Percentage monitor...........................................................................................................................................................................373

Bottom Port Utilization Percentage monitor...................................................................................................................................................................374

Top Product CPU Utilization monitor.................................................................................................................................................................................376

Top Product Memory Utilization monitor......................................................................................................................................................................... 377

Top Product Response Time monitor................................................................................................................................................................................378

Top Product Temperature monitor......................................................................................................................................................................................379

Top Products with Unused Ports monitor........................................................................................................................................................................380

User-dened performance monitors...........................................................................................................................................................................................380

Monitor types............................................................................................................................................................................................................................... 380

Measures........................................................................................................................................................................................................................................381

Top or bottom port performance monitors......................................................................................................................................................................383

Top or bottom product performance monitors..............................................................................................................................................................387

Distribution performance monitors.....................................................................................................................................................................................389

Time series performance monitors.....................................................................................................................................................................................394

Trac ow dashboard monitors.....................................................................................................................................................................................................395

Trac ow monitor types........................................................................................................................................................................................................395

Trac ow measures................................................................................................................................................................................................................ 396

Trac ow performance graph monitor............................................................................................................................................................................396

Top or bottom trac ow performance monitor........................................................................................................................................................... 397

Time series trac ow performance monitor.................................................................................................................................................................398

Conguring a trac ows monitor from a performance graph...............................................................................................................................400

Conguring a user-dened trac ow performance monitor ................................................................................................................................ 401

View Management......................................................................................................................................................................................................... 403

SAN tab overview................................................................................................................................................................................................................................ 403

SAN main toolbar.......................................................................................................................................................................................................................405

View All list.....................................................................................................................................................................................................................................405

Port Display buttons..................................................................................................................................................................................................................406

Connectivity Map toolbar ....................................................................................................................................................................................................... 406

Product List...................................................................................................................................................................................................................................407

Connectivity Map........................................................................................................................................................................................................................408

Utilization Legend.......................................................................................................................................................................................................................409

Master Log..............................................................................................................................................................................................................................................410

Minimap...................................................................................................................................................................................................................................................411

Anchoring or oating the Minimap......................................................................................................................................................................................412

Resizing the Minimap............................................................................................................................................................................................................... 412

Status bar................................................................................................................................................................................................................................................ 412

Icon legend............................................................................................................................................................................................................................................. 414

SAN product icons.....................................................................................................................................................................................................................414

Host product icons.....................................................................................................................................................................................................................415

SAN group icons.........................................................................................................................................................................................................................416

Host group icons.........................................................................................................................................................................................................................416

SAN port icons............................................................................................................................................................................................................................ 416

SAN product status icons........................................................................................................................................................................................................418

Event icons....................................................................................................................................................................................................................................418

Customizing the main window....................................................................................................................................................................................................... 419

Zooming in and out of the Connectivity Map................................................................................................................................................................. 419

Showing levels of detail on the Connectivity Map........................................................................................................................................................ 420

Exporting the topology.............................................................................................................................................................................................................421

Customizing application tables.............................................................................................................................................................................................421

Product List customization.............................................................................................................................................................................................................. 424

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 9

Adding a property label............................................................................................................................................................................................................425

Editing a property label.............................................................................................................................................................................................................425

Deleting a property label..........................................................................................................................................................................................................425

Search.......................................................................................................................................................................................................................................................426

Searching for a device ............................................................................................................................................................................................................. 426

Restricting a search by node..................................................................................................................................................................................................427

Searching for an exact match................................................................................................................................................................................................ 427

Clearing search results..............................................................................................................................................................................................................428

SAN view management overview.................................................................................................................................................................................................428

Creating a customized view....................................................................................................................................................................................................428

Editing a customized view.......................................................................................................................................................................................................431

Deleting a customized view....................................................................................................................................................................................................432

Copying a view.............................................................................................................................................................................................................................433

SAN topology layout ......................................................................................................................................................................................................................... 434

Customizing the layout of devices on the topology.....................................................................................................................................................435

Customizing the layout of connections on the topology............................................................................................................................................436

Changing a group background color..................................................................................................................................................................................436

Reverting to the default background color.......................................................................................................................................................................437

Changing the product label.................................................................................................................................................................................................... 438

Changing the port label............................................................................................................................................................................................................438

Changing the port display.......................................................................................................................................................................................................438

Grouping on the topology................................................................................................................................................................................................................ 439

Collapsing groups.......................................................................................................................................................................................................................439

Expanding groups...................................................................................................................................................................................................................... 439

Viewing connections................................................................................................................................................................................................................. 439

Conguring custom connections.........................................................................................................................................................................................440

Deleting a custom connection conguration.................................................................................................................................................................. 440

Call Home........................................................................................................................................................................................................................441

Call Home overview............................................................................................................................................................................................................................441

System requirements................................................................................................................................................................................................................442

Viewing Call Home congurations............................................................................................................................................................................................... 442

Showing a Call Home center...........................................................................................................................................................................................................445

Hiding a Call Home center...............................................................................................................................................................................................................445

Editing a Call Home center.............................................................................................................................................................................................................. 446

Editing an e-mail Call Home center....................................................................................................................................................................................446

Editing the DELL EMC Call Home center....................................................................................................................................................................... 450

Enabling a Call Home center...........................................................................................................................................................................................................452

Enabling supportSave........................................................................................................................................................................................................................453

Testing the Call Home center connection..................................................................................................................................................................................453

Disabling a Call Home center......................................................................................................................................................................................................... 454

Viewing Call Home status................................................................................................................................................................................................................ 454

Assigning a device to the Call Home center.............................................................................................................................................................................455

Removing a device from a Call Home center.......................................................................................................................................................................... 455

Removing all devices and lters from a Call Home center.................................................................................................................................................456

Dening an event lter....................................................................................................................................................................................................................... 456

Call Home for virtual switches...............................................................................................................................................................................................457

Assigning an event lter to a Call Home center .....................................................................................................................................................................457

Assigning an event lter to a device.............................................................................................................................................................................................458

Overwriting an assigned event lter............................................................................................................................................................................................. 458

Removing all event lters from a Call Home center..............................................................................................................................................................458

Brocade Network Advisor SAN User Manual, 14.4.2

10 53-1005406-01

Removing an event lter from a device...................................................................................................................................................................................... 459

Removing an event lter from the Call Home Event Filters list........................................................................................................................................459

Searching for an assigned event lter ........................................................................................................................................................................................ 460

Third-Party Tools...........................................................................................................................................................................................................461

About third-party tools...................................................................................................................................................................................................................... 461

Starting third-party tools from the application.........................................................................................................................................................................461

Launching a Telnet session..............................................................................................................................................................................................................462

Launching a Telnet session from the SAN tab...............................................................................................................................................................462

Launching Element Manager..........................................................................................................................................................................................................462

Launching Web Tools.........................................................................................................................................................................................................................463

Launching FCR Conguration........................................................................................................................................................................................................463

Launching Name Server...................................................................................................................................................................................................................464

Launching HCM Agent......................................................................................................................................................................................................................464

Launching Fabric Watch....................................................................................................................................................................................................................465

Adding a tool..........................................................................................................................................................................................................................................465

Entering the server IP address of a tool......................................................................................................................................................................................466

Adding an option to the Tools menu............................................................................................................................................................................................467

Changing an option on the Tools menu..................................................................................................................................................................................... 469

Removing an option from the Tools menu............................................................................................................................................................................... 469

Adding an option to a device’s shortcut menu........................................................................................................................................................................ 470

Changing an option on a device’s shortcut menu..................................................................................................................................................................470

Removing an option from a device’s shortcut menu............................................................................................................................................................471

Microsoft System Center Operations Manager plug-in.......................................................................................................................................................472

SCOM plug-in requirements................................................................................................................................................................................................. 472

Registering a SCOM server....................................................................................................................................................................................................472

Editing a SCOM server.............................................................................................................................................................................................................473

Removing a SCOM server......................................................................................................................................................................................................473

Conguring event forwarding to the SCOM console...................................................................................................................................................473

Server Management Console......................................................................................................................................................................................475

Server Management Console overview......................................................................................................................................................................................475

Launching the SMC on Windows........................................................................................................................................................................................475

Launching the SMC on Linux .............................................................................................................................................................................................. 475

Services tab............................................................................................................................................................................................................................................476

Monitoring and managing Management application services.................................................................................................................................476

Refreshing the server status...................................................................................................................................................................................................477

Stopping all services..................................................................................................................................................................................................................478

Stopping the CIMOM services............................................................................................................................................................................................. 478

Starting all services.................................................................................................................................................................................................................... 478

Restarting all services............................................................................................................................................................................................................... 478

Changing the database password........................................................................................................................................................................................479

Ports tab...................................................................................................................................................................................................................................................479

Viewing server port numbers.................................................................................................................................................................................................479

AAA Settings tab..................................................................................................................................................................................................................................480

Conguring RADIUS server authentication..................................................................................................................................................................... 480

Conguring LDAP server authentication..........................................................................................................................................................................483

Conguring TACACS+ server authentication..................................................................................................................................................................487

Conguring Common Access Card authentication......................................................................................................................................................490

Conguring switch authentication........................................................................................................................................................................................492

Conguring Windows authentication..................................................................................................................................................................................493

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 11

Conguring local database authentication....................................................................................................................................................................... 493

Displaying the client authentication audit trail.................................................................................................................................................................493

RADIUS server conguration..........................................................................................................................................................................................................494

Conguring Management application data on the RADIUS server.......................................................................................................................494

Conguring user authorization for the RADIUS server...............................................................................................................................................494

Conguring the dictionary le for the RADIUS server................................................................................................................................................ 495

LDAP server conguration...............................................................................................................................................................................................................496

Creating an AD user account ................................................................................................................................................................................................496

Assigning an AD user to an AD group.............................................................................................................................................................................. 497

Dening user accounts on the external LDAP server..................................................................................................................................................497

Assigning roles and AORs to an AD group.....................................................................................................................................................................499

Removing roles and AORs from an AD group.............................................................................................................................................................. 501

Loading an AD group................................................................................................................................................................................................................501

Deleting an AD group............................................................................................................................................................................................................... 503

Restore tab..............................................................................................................................................................................................................................................503

Restoring the database.............................................................................................................................................................................................................503

Technical Support Information tab................................................................................................................................................................................................504

Capturing technical support information...........................................................................................................................................................................505

HCM Upgrade tab............................................................................................................................................................................................................................... 506

Upgrading HCM on the Management server.................................................................................................................................................................507

SMI Agent Conguration Tool........................................................................................................................................................................................................ 507

SMI Agent certication.............................................................................................................................................................................................................508

Launching the SMIA conguration tool on Windows..................................................................................................................................................513

Launching the SMIA conguration tool on Unix............................................................................................................................................................514

Launching a remote SMIA conguration tool.................................................................................................................................................................515

Service Location Protocol (SLP) support......................................................................................................................................................................... 515

Home tab....................................................................................................................................................................................................................................... 519

Authentication tab.......................................................................................................................................................................................................................519

CIMOM tab................................................................................................................................................................................................................................... 521

Certicate Management tab...................................................................................................................................................................................................524

Summary tab................................................................................................................................................................................................................................527

SAN Device Conguration...........................................................................................................................................................................................531

Conguration le management......................................................................................................................................................................................................531

Saving switch congurations ................................................................................................................................................................................................ 531

Adaptive backup ........................................................................................................................................................................................................................ 532

Restoring a switch conguration for a selected device...............................................................................................................................................533

Scheduling switch conguration backup.......................................................................................................................................................................... 534

Viewing switch congurations............................................................................................................................................................................................... 536

Restoring a conguration from the repository................................................................................................................................................................538

Viewing conguration le content........................................................................................................................................................................................540

Searching the conguration le content............................................................................................................................................................................541

Deleting a conguration ..........................................................................................................................................................................................................542

Exporting a conguration........................................................................................................................................................................................................ 543

Importing a conguration........................................................................................................................................................................................................543

Comparing switch congurations........................................................................................................................................................................................ 543

Keeping a copy past the dened age limit....................................................................................................................................................................... 546

Tracking changes from the baseline conguration.......................................................................................................................................................547

Replicating congurations.......................................................................................................................................................................................................549

Replicating security congurations......................................................................................................................................................................................553

Enhanced group management.......................................................................................................................................................................................................556

Brocade Network Advisor SAN User Manual, 14.4.2

12 53-1005406-01

Firmware management..................................................................................................................................................................................................................... 556

Firmware upgrade or downgrade considerations ........................................................................................................................................................ 556

Downloading rmware..............................................................................................................................................................................................................557

Firmware download support for HCL enabled Fabric OS 16 Gbps 24-FC port, 18 GbE port switches............................................560

Parallel FC/IPEX HCL Support on Gen6 chassis........................................................................................................................................................ 560

Displaying the rmware repository......................................................................................................................................................................................560

Importing a rmware le..........................................................................................................................................................................................................562

Parallel rmware download warning message............................................................................................................................................................... 563

Deleting a rmware le.............................................................................................................................................................................................................564

Switch password management .....................................................................................................................................................................................................564

Changing the switch password ............................................................................................................................................................................................ 566

Resetting the switch password..............................................................................................................................................................................................568

Frame viewer......................................................................................................................................................................................................................................... 569

Viewing discarded frames from a device..........................................................................................................................................................................570

Viewing discarded frames from a port.............................................................................................................................................................................. 571

Clearing the discarded frame log ........................................................................................................................................................................................572

Refreshing the discarded frame log....................................................................................................................................................................................573

Ports.......................................................................................................................................................................................................................................................... 573

Viewing port connectivity........................................................................................................................................................................................................ 573

Refreshing the port connectivity view................................................................................................................................................................................ 576

Enabling a port.............................................................................................................................................................................................................................576

Disabling a port........................................................................................................................................................................................................................... 577

Filtering port connectivity........................................................................................................................................................................................................577

Viewing port details .................................................................................................................................................................................................................. 579

Viewing ports................................................................................................................................................................................................................................579

Port types.......................................................................................................................................................................................................................................580

Showing connected ports....................................................................................................................................................................................................... 580

Viewing port connection properties.................................................................................................................................................................................... 581

Determining inactive iSCSI devices....................................................................................................................................................................................584

Determining port status........................................................................................................................................................................................................... 584

Viewing port optics.................................................................................................................................................................................................................... 585

Administrative Domain-enabled fabric support......................................................................................................................................................................588

AD-enabled fabric discovery.................................................................................................................................................................................................588

Management application behavior for AD-enabled fabrics......................................................................................................................................589

Management application support for AD-enabled fabrics........................................................................................................................................589

Port Auto Disable.................................................................................................................................................................................................................................591

Viewing Port Auto Disable status.........................................................................................................................................................................................591

Conguring Port Auto Disable event triggers.................................................................................................................................................................593

Enabling Port Auto Disable on individual ports............................................................................................................................................................. 594

Enabling Port Auto Disable on all ports on a device....................................................................................................................................................594

Disabling Port Auto Disable on individual ports............................................................................................................................................................595

Disabling Port Auto Disable on all ports on a device.................................................................................................................................................. 595

Stopping Port Auto Disable on a device...........................................................................................................................................................................596

Resuming Port Auto Disable on a device.........................................................................................................................................................................596

Unblocking ports.........................................................................................................................................................................................................................596

Host Port Mapping........................................................................................................................................................................................................ 599

Host port mapping overview...........................................................................................................................................................................................................599

Creating a new Host............................................................................................................................................................................................................................600

Renaming an HBA Host................................................................................................................................................................................................................... 601

Deleting an HBA Host....................................................................................................................................................................................................................... 601

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 13

Viewing Host properties....................................................................................................................................................................................................................601

Associating an HBA with a Host....................................................................................................................................................................................................601

Importing HBA-to-Host mapping................................................................................................................................................................................................602

Removing an HBA from a Host.....................................................................................................................................................................................................603

Exporting Host port mapping.........................................................................................................................................................................................................604

Storage Port Mapping.................................................................................................................................................................................................. 605

Storage port mapping overview.....................................................................................................................................................................................................605

Creating a storage array.................................................................................................................................................................................................................... 606

Adding storage ports to a storage array.....................................................................................................................................................................................606

Unassigning a storage port from a storage array...................................................................................................................................................................607

Reassigning mapped storage ports.............................................................................................................................................................................................607

Editing storage array properties.....................................................................................................................................................................................................608

Deleting a storage array.................................................................................................................................................................................................................... 608

Viewing storage port properties.....................................................................................................................................................................................................608

Viewing storage array properties...................................................................................................................................................................................................609

Importing storage port mapping................................................................................................................................................................................................... 609

Exporting storage port mapping................................................................................................................................................................................................... 610

Host Management ........................................................................................................................................................................................................613

Host management...............................................................................................................................................................................................................................613

Supported adapters............................................................................................................................................................................................................................ 613

Host Bus Adapters.....................................................................................................................................................................................................................614

Converged Network Adapters...............................................................................................................................................................................................614

Fabric Adapters........................................................................................................................................................................................................................... 615

AnyIOTM technology................................................................................................................................................................................................................615

HCM software ...................................................................................................................................................................................................................................... 616

HCM features............................................................................................................................................................................................................................... 616

Host adapter discovery .....................................................................................................................................................................................................................617

VM Manager.......................................................................................................................................................................................................................................... 617

Adding a VM Manager............................................................................................................................................................................................................. 618

Editing a VM Manager..............................................................................................................................................................................................................618

Deleting a VM Manager...........................................................................................................................................................................................................619

Adding an application name to a VM.................................................................................................................................................................................619

HCM and Management application support on ESXi systems........................................................................................................................................619

ESXi CIM listener ports............................................................................................................................................................................................................ 619

Connectivity map................................................................................................................................................................................................................................. 621

View management...............................................................................................................................................................................................................................621

Host port mapping.............................................................................................................................................................................................................................. 621

Adapter software.................................................................................................................................................................................................................................. 622

Driver repository..........................................................................................................................................................................................................................623

Boot image repository..............................................................................................................................................................................................................625

Bulk port conguration...................................................................................................................................................................................................................... 628

Conguring host adapter ports............................................................................................................................................................................................. 629

Adapter port WWN virtualization...................................................................................................................................................................................................632

Conguring FAWWNs on switch ports..............................................................................................................................................................................633

FAWWNs on attached AG ports.......................................................................................................................................................................................... 635

Role-based access control...............................................................................................................................................................................................................637

Host adapter management privileges................................................................................................................................................................................638

Host adapter administrator privileges................................................................................................................................................................................ 638

Host performance management...................................................................................................................................................................................................638

Brocade Network Advisor SAN User Manual, 14.4.2

14 53-1005406-01

Host security authentication............................................................................................................................................................................................................639

Conguring security authentication using the Management application ........................................................................................................... 640

supportSave on adapters..................................................................................................................................................................................................................641

Host fault management.....................................................................................................................................................................................................................641

Adapter events.............................................................................................................................................................................................................................642

Filtering event notications.....................................................................................................................................................................................................642

Syslog forwarding.......................................................................................................................................................................................................................642

Backup support.................................................................................................................................................................................................................................... 642

Conguring backup to a hard drive.....................................................................................................................................................................................643

Enabling backup..........................................................................................................................................................................................................................643

Disabling backup........................................................................................................................................................................................................................ 644

Fibre Channel over Ethernet........................................................................................................................................................................................645

FCoE overview......................................................................................................................................................................................................................................645

DCBX protocol.............................................................................................................................................................................................................................645

Enhanced Ethernet features............................................................................................................................................................................................................ 646

Enhanced Transmission Selection.......................................................................................................................................................................................646

Priority-based ow control......................................................................................................................................................................................................646

Ethernet jumbo frames............................................................................................................................................................................................................ 646

FCoE protocols supported...............................................................................................................................................................................................................646

Ethernet link layer protocols supported.............................................................................................................................................................................647

FCoE protocols............................................................................................................................................................................................................................647

FCoE licensing...................................................................................................................................................................................................................................... 647

Saving running congurations........................................................................................................................................................................................................648

Copying switch congurations to selected switches....................................................................................................................................................648

DCB conguration management.................................................................................................................................................................................................. 649

Switch policies.......................................................................................................................................................................................................................................650

DCB map and Trac Class map......................................................................................................................................................................................... 650

LLDP proles............................................................................................................................................................................................................................... 650

802.1x policy...............................................................................................................................................................................................................................650

DCB conguration...............................................................................................................................................................................................................................651

Minimum DCB conguration for FCoE trac................................................................................................................................................................651

Adding a LAG...............................................................................................................................................................................................................................657

Editing a DCB switch................................................................................................................................................................................................................ 659

Editing a DCB port.....................................................................................................................................................................................................................661

Editing a LAG............................................................................................................................................................................................................................... 663

Enabling a DCB port or LAG.................................................................................................................................................................................................666

Deleting a LAG............................................................................................................................................................................................................................ 666

QoS conguration................................................................................................................................................................................................................................666

Priority-based ow control......................................................................................................................................................................................................667

Creating a DCB map.................................................................................................................................................................................................................667

Editing a DCB map....................................................................................................................................................................................................................669

Deleting a DCB map.................................................................................................................................................................................................................670

Assigning a DCB map to a port or link aggregation group.......................................................................................................................................670

Creating a Trac Class map.................................................................................................................................................................................................. 671

Editing a Trac Class map..................................................................................................................................................................................................... 671

Deleting a Trac Class map.................................................................................................................................................................................................. 672

Assigning a Trac Class map to a port or link aggregation group........................................................................................................................ 672

FCoE provisioning............................................................................................................................................................................................................................... 673

Changing the VLAN ID on the default FCoE map.......................................................................................................................................................673

Enabling or disabling the FCoE map on the port..........................................................................................................................................................674

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 15

VLAN classier conguration......................................................................................................................................................................................................... 674

Adding a VLAN classier rule............................................................................................................................................................................................... 675

Editing a VLAN classier rule................................................................................................................................................................................................677

Deleting a VLAN classier rule.............................................................................................................................................................................................678

Creating a VLAN classier group.........................................................................................................................................................................................678

Deleting a VLAN classier group.........................................................................................................................................................................................679

LLDP-DCBX conguration..............................................................................................................................................................................................................679

Conguring LLDP for FCoE .................................................................................................................................................................................................679

Adding an LLDP prole...........................................................................................................................................................................................................680

Editing an LLDP prole............................................................................................................................................................................................................681

Deleting an LLDP prole.........................................................................................................................................................................................................682

Assigning an LLDP prole to a port or ports in a LAG.............................................................................................................................................. 682

802.1x authentication........................................................................................................................................................................................................................683

Enabling 802.1x authentication........................................................................................................................................................................................... 683

Disabling 802.1x authentication..........................................................................................................................................................................................683

Setting 802.1x parameters for a port................................................................................................................................................................................683

Switch, port, and LAG deployment...............................................................................................................................................................................................685

Deploying DCB product, port, and LAG congurations.............................................................................................................................................685

Source to target switch Fabric OS version compatibility for deployment...........................................................................................................689

DCB performance............................................................................................................................................................................................................................... 690

Real-time performance graph...............................................................................................................................................................................................690

Historical performance report................................................................................................................................................................................................691

FCoE login groups ............................................................................................................................................................................................................................. 692

Adding an FCoE login group................................................................................................................................................................................................. 694

Editing an FCoE login group..................................................................................................................................................................................................696

Deleting one or more FCoE login groups........................................................................................................................................................................ 698

Disabling the FCoE login management feature on a switch.................................................................................................................................... 698

Enabling the FCoE login management feature on a switch......................................................................................................................................698

Virtual FCoE port conguration..................................................................................................................................................................................................... 699

Viewing virtual FCoE ports.....................................................................................................................................................................................................699

Clearing a stale entry.................................................................................................................................................................................................................700

Conguration and Operation Monitoring Policy Automation Services Suite................................................................................................... 703

Overview..................................................................................................................................................................................................................................................703

Conguration blocks...........................................................................................................................................................................................................................703

Viewing conguration blocks.................................................................................................................................................................................................705

Dening a conguration block...............................................................................................................................................................................................706

Importing conguration settings.......................................................................................................................................................................................... 708

Conguring FTP server settings.......................................................................................................................................................................................... 708

Conguring syslog destination settings.............................................................................................................................................................................709

Conguring SNMPv3 inform settings...............................................................................................................................................................................709

Conguring SNMPv3 Trap Destination settings........................................................................................................................................................... 710

Conguring ACL settings........................................................................................................................................................................................................711

Conguring NTP time server settings............................................................................................................................................................................... 712

Conguring NTP time zone settings..................................................................................................................................................................................712

Conguring RADIUS server settings..................................................................................................................................................................................713

Conguring AD/LDAP server settings..............................................................................................................................................................................714

Conguring TACACS+ server settings...............................................................................................................................................................................714

Conguring MAPS policy settings...................................................................................................................................................................................... 715

Conguring switch user account.......................................................................................................................................................................................... 716

Conguring switch user account credentials...................................................................................................................................................................718

Brocade Network Advisor SAN User Manual, 14.4.2

16 53-1005406-01

Editing a conguration block..................................................................................................................................................................................................719

Duplicating a conguration block.........................................................................................................................................................................................720

Deleting a conguration block...............................................................................................................................................................................................721

Templates................................................................................................................................................................................................................................................721

Viewing existing templates..................................................................................................................................................................................................... 721

Adding a template...................................................................................................................................................................................................................... 723

Removing a conguration block from a template.........................................................................................................................................................724

Editing a template.......................................................................................................................................................................................................................724

Duplicating a template..............................................................................................................................................................................................................725

Deleting a template....................................................................................................................................................................................................................725

COMPASS monitoring .....................................................................................................................................................................................................................726

Viewing COMPASS monitors............................................................................................................................................................................................... 726

Creating a product group.........................................................................................................................................................................................................728

Editing a product group............................................................................................................................................................................................................728

Linking a template......................................................................................................................................................................................................................729

Unlinking a template..................................................................................................................................................................................................................729

Synchronizing a conguration...............................................................................................................................................................................................729

Synchronizing all congurations...........................................................................................................................................................................................730

Viewing conguration drifts....................................................................................................................................................................................................730

COMPASS Drifts widget...................................................................................................................................................................................................................733

Accessing additional data from the COMPASS Drifts widget.................................................................................................................................734

Security Management...................................................................................................................................................................................................737

Layer 2 access control list management................................................................................................................................................................................... 737

Fabric OS Layer 2 ACL conguration............................................................................................................................................................................... 737

Creating a Layer 2 ACL from a saved conguration ..................................................................................................................................................744

Deleting a Layer 2 ACL conguration from the application..................................................................................................................................... 744

Deleting a Layer 2 ACL conguration from the switch...............................................................................................................................................745

Security conguration deployment...............................................................................................................................................................................................745

Deploying a security conguration on demand.............................................................................................................................................................747

Saving a security conguration deployment...................................................................................................................................................................748

Scheduling a security conguration deployment.......................................................................................................................................................... 749

FC-FC Routing Service Management.......................................................................................................................................................................753

Devices that support Fibre Channel routing............................................................................................................................................................................. 753

Fibre Channel routing overview .................................................................................................................................................................................................... 753

Guidelines for setting up Fibre Channel routing......................................................................................................................................................................755

Connecting edge fabrics to a backbone fabric........................................................................................................................................................................ 755

Conguring routing domain IDs.....................................................................................................................................................................................................758

Virtual Fabrics.................................................................................................................................................................................................................761

Virtual Fabrics overview.....................................................................................................................................................................................................................761

Terminology for Virtual Fabrics.............................................................................................................................................................................................761

Virtual Fabrics requirements............................................................................................................................................................................................................762

FICON best practices for Virtual Fabrics................................................................................................................................................................................... 764

Conguring Virtual Fabrics ............................................................................................................................................................................................................. 765

Enabling Virtual Fabrics........................................................................................................................................................................................................... 766

Disabling Virtual Fabrics..........................................................................................................................................................................................................767

Creating a logical switch or base switch............................................................................................................................................................................767

Finding the physical chassis for a logical switch............................................................................................................................................................771

Finding the logical switch from a physical chassis....................................................................................................................................................... 771

Assigning ports to a logical switch...................................................................................................................................................................................... 771

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 17

Removing ports from a logical switch................................................................................................................................................................................772

Deleting a logical switch...........................................................................................................................................................................................................773

Conguring fabric-wide parameters for a logical fabric..............................................................................................................................................774

Applying logical fabric settings to all associated logical switches.......................................................................................................................... 775

Moving a logical switch to a dierent fabric.....................................................................................................................................................................776

Changing a logical switch to a base switch......................................................................................................................................................................776

SAN Encryption Conguration................................................................................................................................................................................... 779

Encryption Center features...............................................................................................................................................................................................................779

Encryption user privileges................................................................................................................................................................................................................780

Smart card usage.................................................................................................................................................................................................................................782

Using authentication cards with a card reader................................................................................................................................................................ 782

Registering authentication cards from a card reader................................................................................................................................................... 783

Registering authentication cards from the database....................................................................................................................................................786

Deregistering an authentication card.................................................................................................................................................................................. 787

Setting a quorum for authentication cards.......................................................................................................................................................................788

Using system cards................................................................................................................................................................................................................... 788

Enabling or disabling the system card requirement.....................................................................................................................................................789

Registering system cards from a card reader................................................................................................................................................................. 789

Deregistering system cards....................................................................................................................................................................................................790

Using smart cards...................................................................................................................................................................................................................... 790

Tracking smart cards.................................................................................................................................................................................................................790

Editing smart cards....................................................................................................................................................................................................................793

Network connections..........................................................................................................................................................................................................................794

Blade processor links......................................................................................................................................................................................................................... 794

Conguring blade processor links....................................................................................................................................................................................... 795

Encryption node initialization and certicate generation......................................................................................................................................................795

Setting encryption node initialization..................................................................................................................................................................................796

Key Management Interoperability Protocol ..............................................................................................................................................................................796

Conguration parameters........................................................................................................................................................................................................796

Key vault type and vendor ......................................................................................................................................................................................................797

Supported encryption key manager appliances......................................................................................................................................................................798

Steps for connecting to a DPM appliance.................................................................................................................................................................................799

Exporting the KAC certicate signing request (CSR)...................................................................................................................................................799

Submitting the CSR to a certicate authority..................................................................................................................................................................800

KAC certicate registration expiry........................................................................................................................................................................................800

Importing the signed KAC certicate................................................................................................................................................................................. 801

Uploading the CA certicate onto the DPM appliance (and rst-time congurations)................................................................................. 801

Uploading the KAC certicate onto the DPM appliance (manual identity enrollment)..................................................................................802

DPM key vault high availability deployment....................................................................................................................................................................803

Loading the CA certicate onto the encryption group leader.................................................................................................................................. 804

Steps for connecting to an LKM/SSKM appliance................................................................................................................................................................805

Launching the NetApp DataFort Management Console...........................................................................................................................................805

Establishing the trusted link....................................................................................................................................................................................................805

Obtaining and importing the LKM/SSKM certicate.................................................................................................................................................. 806

Exporting and registering the switch KAC certicates on LKM/SSKM............................................................................................................... 807

LKM/SSKM key vault high availability deployment..................................................................................................................................................... 807

Data Encryption Keys................................................................................................................................................................................................................808

Steps for connecting to an ESKM/SKM appliance................................................................................................................................................................809

Conguring a Brocade group on ESKM/SKM...............................................................................................................................................................809

Registering the ESKM/SKM Brocade group user name and password............................................................................................................. 810

Brocade Network Advisor SAN User Manual, 14.4.2

18 53-1005406-01

Setting up the local Certicate Authority (CA) on ESKM/SKM............................................................................................................................... 812

Downloading the local CA certicate from ESKM/SKM............................................................................................................................................814

Creating and installing the ESKM/SKM server certicate......................................................................................................................................... 814

Enabling SSL on the Key Management System (KMS) Server...............................................................................................................................815

Creating an ESKM/SKM High Availability cluster.........................................................................................................................................................815

Copying the local CA certicate for a clustered ESKM/SKM appliance..............................................................................................................816

Adding ESKM/SKM appliances to the cluster............................................................................................................................................................... 816

Signing the encryption node KAC certicates................................................................................................................................................................817

Importing a signed KAC certicate into a switch...........................................................................................................................................................818

ESKM/SKM key vault high availability deployment..................................................................................................................................................... 818

Data Encryption Keys................................................................................................................................................................................................................818

ESKM/SKM key vault deregistration..................................................................................................................................................................................819

Steps for connecting to a TEKA appliance................................................................................................................................................................................820

Setting up TEKA network connections..............................................................................................................................................................................821

Creating a client on TEKA.......................................................................................................................................................................................................822

Establishing TEKA key vault credentials on the switch...............................................................................................................................................824

Signing the encryption node KAC CSR on the TEKA appliance............................................................................................................................825

Importing a signed KAC certicate into a switch...........................................................................................................................................................825

Steps for connecting to a TKLM appliance...............................................................................................................................................................................826

Exporting the Fabric OS node self-signed KAC certicates.................................................................................................................................... 826

Converting the KAC certicate format...............................................................................................................................................................................827

Establishing a default key store and device group on TKLM...................................................................................................................................827

Adding a device to the device group..................................................................................................................................................................................827

Creating a self-signed certicate for TKLM.....................................................................................................................................................................827

Importing the Fabric OS encryption node KAC certicates to TKLM..................................................................................................................828

Exporting the TKLM self-signed server certicate.......................................................................................................................................................828

Importing the TKLM certicate into the group leader................................................................................................................................................. 829

Steps for connecting to a KMIP-compliant SafeNet KeySecure......................................................................................................................................829

Setting FIPS compliance.........................................................................................................................................................................................................830

Creating a local CA.....................................................................................................................................................................................................................830

Creating a server certicate.................................................................................................................................................................................................... 830

Creating a cluster........................................................................................................................................................................................................................ 831

Conguring a Brocade group on the KeySecure...........................................................................................................................................................831

Registering the KeySecure Brocade group user name and password.................................................................................................................832

Signing the encryption node KAC CSR on KMIP......................................................................................................................................................... 833

Importing a signed KAC certicate into a switch...........................................................................................................................................................835

Backing up the certicates......................................................................................................................................................................................................835

Conguring the KMIP server................................................................................................................................................................................................. 837

Adding a node to the cluster..................................................................................................................................................................................................837

Steps for connecting to a KMIP-compliant keyAuthority....................................................................................................................................................838

Encryption preparation.......................................................................................................................................................................................................................838

Creating a new encryption group...................................................................................................................................................................................................839

Conguring key vault settings for RSA Data Protection Manager (DPM)...........................................................................................................845

Conguring key vault settings for NetApp Link Key Manager (LKM/SSKM)....................................................................................................851

Conguring key vault settings for HP Enterprise Secure Key Manager (ESKM/SKM)................................................................................. 857

Conguring key vault settings for Thales e_Security keyAuthority (TEKA)........................................................................................................ 864

Conguring key vault settings for IBM Tivoli Key Lifetime Manager (TKLM)................................................................................................... 870

Conguring key vault settings for Key Management Interoperability Protocol.................................................................................................877

Understanding conguration status results..................................................................................................................................................................... 884

Adding a switch to an encryption group.....................................................................................................................................................................................885

Brocade Network Advisor SAN User Manual, 14.4.2

53-1005406-01 19

Replacing an encryption engine in an encryption group..................................................................................................................................................... 891

High availability clusters ...................................................................................................................................................................................................................892

HA cluster conguration rules ..............................................................................................................................................................................................893

Creating HA clusters ................................................................................................................................................................................................................ 893

Removing engines from an HA cluster............................................................................................................................................................................. 894

Swapping engines in an HA cluster.................................................................................................................................................................................... 894

Failback option.............................................................................................................................................................................................................................895

Conguring encryption storage targets...................................................................................................................................................................................... 895

Adding an encryption target...................................................................................................................................................................................................896

Conguring hosts for encryption targets....................................................................................................................................................................................904

Adding target disk LUNs for encryption.....................................................................................................................................................................................906

Conguring storage arrays......................................................................................................................................................................................................913

Remote replication LUNs........................................................................................................................................................................................................913

SRDF pairs....................................................................................................................................................................................................................................913

Metadata requirements and remote replication............................................................................................................................................................. 914

Adding target tape LUNs for encryption.................................................................................................................................................................................... 915

Moving targets.......................................................................................................................................................................................................................................918

Conguring encrypted tape storage in a multi-path environment...................................................................................................................................918

Tape LUN write early and read ahead......................................................................................................................................................................................... 919

Enabling and disabling tape LUN write early and read ahead................................................................................................................................. 919

Tape LUN statistics............................................................................................................................................................................................................................. 920

Viewing and clearing tape container statistics................................................................................................................................................................ 921

Viewing and clearing tape LUN statistics for specic tape LUNs..........................................................................................................................922

Viewing and clearing statistics for tape LUNs in a container....................................................................................................................................924

Encryption engine rebalancing....................................................................................................................................................................................................... 926

Rebalancing an encryption engine...................................................................................................................................................................................... 927

Master keys.............................................................................................................................................................................................................................................927

Active master key........................................................................................................................................................................................................................928

Alternate master key..................................................................................................................................................................................................................928

Master key actions......................................................................................................................................................................................................................928

Saving the master key to a le.............................................................................................................................................................................................. 929

Saving a master key to a key vault.......................................................................................................................................................................................929

Saving a master key to a smart card set...........................................................................................................................................................................930

Restoring a master key from a le.......................................................................................................................................................................................931

Restoring a master key from a key vault...........................................................................................................................................................................931

Restoring a master key from a smart card set................................................................................................................................................................931

Creating a new master key......................................................................................................................................................................................................932

Security settings ..................................................................................................................................................................................................................................932

Zeroizing an encryption engine......................................................................................................................................................................................................932

Setting zeroization......................................................................................................................................................................................................................933

Using the Encryption Targets dialog box................................................................................................................................................................................... 934

Redirection zones.................................................................................................................................................................................................................................934

Disk device decommissioning........................................................................................................................................................................................................935

Decommissioning disk LUNs............................................................................................................................................................................................... 935

Displaying and deleting decommissioned key IDs.......................................................................................................................................................936

Displaying Universal IDs..........................................................................................................................................................................................................937

Rekeying all disk LUNs manually..................................................................................................................................................................................................938

Setting disk LUN Re-key All.................................................................................................................................................................................................. 938

Viewing disk LUN rekeying details...................................................................................................................................................................................... 940

Viewing the progress of manual rekey operations........................................................................................................................................................942

Brocade Network Advisor SAN User Manual, 14.4.2

20 53-1005406-01

Broadcom Brocade Network Advisor SAN User , 14.4.2 User guide

Related papers

Other documents