Security Configuration Guide, Cisco DCNM for SAN, Release 6.x
Preface
Downloads: This chapterpdf (PDF - 111.0KB) The complete bookPDF (PDF - 2.88MB) | Feedback

Preface

Table Of Contents

Preface

Audience

Document Organization

Document Conventions

Related Documentation

Release Notes

Regulatory Compliance and Safety Information

Compatibility Information

Hardware Installation

Software Installation and Upgrade

Cisco NX-OS

Cisco DCNM

Cisco DCNM-SAN

Command-Line Interface

Intelligent Storage Networking Services Configuration Guides

Troubleshooting and Reference

Obtaining Documentation and Submitting a Service Request


Preface


This preface describes the audience, organization, and conventions of the Security Configuration Guide, Cisoc DCNM for SAN. It also provides information on how to obtain related documentation.

Audience

This guide is for experienced network administrators who are responsible for configuring and maintaining the Cisco MDS 9000 Family of multilayer directors and fabric switches.

Document Organization

This document is organized as folows:

Chapter
Title
Description

Chapter 

Security Overview

Provides an overview of the security features supported by the Cisco MDS 9000 Family NX-OS software.

Chapter 2

Configuring FIPS

Describes the configuration guidelines for FIPS and also how to enable FIPS mode and how to conduct FIPS self-tests.

Chapter 3

Configuring Users and Common Role

Describes how to configure users and common roles.

Chapter 4

Configuring Security Features on an External AAA Server

Describes the AAA parameters, user profiles, and RADIUS authentication security options provided in all switches in the Cisco MDS 9000 Family and provides configuration information for these options.

Chapter 5

Configuring IPv4 and IPv6 Access Control Lists

Describes the IPv4 static routing feature and its use to route traffic between VSANs.

Chapter 6

Configuring Certificate Authorities and Digital Certificates

Describes how to interoperate with Certificate Authorities (CAs) and use digital certificates for secure, scalable communication.

Chapter 7

Configuring IPsec Network Security

Provides details on the digital certificates, IP Security Protocol (IPsec) open standards, and the Internet Key Exchange (IKE) protocol that it uses to handle protocol and algorithm negotiation.

Chapter 8

Configuring FC-SP and DHCHAP

Describes the DHCHAP protocol, an FC-SP protocol, that provides authentication between Cisco MDS 9000 Family switches and other devices.

Chapter 9

Configuring Port Security

Provides details on port security features that can prevent unauthorized access to a switch port in the Cisco MDS 9000 Family.

Chapter 10

Configuring Fabric Binding

Describes the fabric binding security feature for VSANs, which ensures that ISLs are only enabled between specific switches.

Chapter 11

Configuring Cisco TrustSec Fibre Channel Link Encryption

Describes how the switch allows IP hosts to access Fibre Channel storage using the iSCSI protocol.


Document Conventions

Command descriptions use these conventions:

boldface font

Commands and keywords are in boldface.

italic font

Arguments for which you supply values are in italics.

[ ]

Elements in square brackets are optional.

[ x | y | z ]

Optional alternative keywords are grouped in brackets and separated by vertical bars.


Screen examples use these conventions:

screen font

Terminal sessions and information the switch displays are in screen font.

boldface screen font

Information you must enter is in boldface screen font.

italic screen font

Arguments for which you supply values are in italic screen font.

< >

Nonprinting characters, such as passwords, are in angle brackets.

[ ]

Default responses to system prompts are in square brackets.

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.


This document uses the following conventions:


Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.



Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Related Documentation

The documentation set for the Cisco MDS 9000 Family includes the following documents. To find a document online, use the Cisco MDS NX-OS Documentation Locator at:

http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/roadmaps/doclocater.htm

Release Notes

Cisco MDS 9000 Family Release Notes for Cisco MDS NX-OS Releases

Cisco MDS 9000 Family Release Notes for MDS SAN-OS Releases

Cisco MDS 9000 Family Release Notes for Cisco MDS 9000 EPLD Images

Cisco DCNM Release Notes

Regulatory Compliance and Safety Information

Regulatory Compliance and Safety Information for the Cisco MDS 9000 Family

Compatibility Information

Cisco Data Center Interoperability Support Matrix

Cisco MDS 9000 NX-OS Hardware and Software Compatibility Information and Feature Lists

Cisco MDS 9000 Family Switch-to-Switch Interoperability Configuration Guide

Hardware Installation

Cisco MDS 9500 Series Hardware Installation Guide

Cisco MDS 9200 Series Hardware Installation Guide

Cisco MDS 9100 Series Hardware Installation Guide

Cisco MDS 9124 and Cisco MDS 9134 Multilayer Fabric Switch Quick Start Guide

Software Installation and Upgrade

Cisco MDS 9000 NX-OS Software Upgrade and Downgrade Guide

Cisco NX-OS

Cisco MDS 9000 Family NX-OS Licensing Guide

Cisco MDS 9000 Family NX-OS Fundamentals Configuration Guide

Cisco MDS 9000 Family NX-OS System Management Configuration Guide

Cisco MDS 9000 Family NX-OS Interfaces Configuration Guide

Cisco MDS 9000 Family NX-OS Fabric Configuration Guide

Cisco MDS 9000 Family NX-OS Quality of Service Configuration Guide

Cisco MDS 9000 Family NX-OS Security Configuration Guide

Cisco MDS 9000 Family NX-OS IP Services Configuration Guide

Cisco MDS 9000 Family NX-OS Intelligent Storage Services Configuration Guide

Cisco MDS 9000 Family NX-OS High Availability and Redundancy Configuration Guide

Cisco MDS 9000 Family NX-OS Inter-VSAN Routing Configuration Guide

Cisco MDS 9000 Family Cookbook for Cisco MDS SAN-OS

Cisco DCNM

Cisco DCNM Fundamentals Guide, Release 6.x

Cisco DCNM Installation and Licensing Guide, Release 6.x

Cisco DCNM-SAN

System Management Configuration Guide, Cisco DCNM for SAN, Release 6.x

Interfaces Configuration Guide, Cisco DCNM for SAN, Release 6.x

Fabric Configuration Guide, Cisco DCNM for SAN, Release 6.x

Quality of Service Configuration Guide, Cisco DCNM for SAN, Release 6.x

Security Configuration Guide, Cisco DCNM for SAN, Release 6.x

IP Services Configuration Guide, Cisco DCNM for SAN, Release 6.x

Intelligent Storage Services Configuration Guide, Cisco DCNM for SAN, Release 6.x

High Availability and Redundancy Configuration Guide, Cisco DCNM for SAN, Release 6.x

Inter-VSAN Routing Configuration Guide, Cisco DCNM for SAN, Release 6.x

SMI-S and Web Services Programming Guide, Cisco DCNM for SAN, Release 6.x

Command-Line Interface

Cisco MDS 9000 Family Command Reference

Intelligent Storage Networking Services Configuration Guides

Cisco MDS 9000 Family I/O Acceleration Configuration Guide

Cisco MDS 9000 Family SANTap Deployment Guide

Cisco MDS 9000 Family Data Mobility Manager Configuration Guide

Cisco MDS 9000 Family Storage Media Encryption Configuration Guide

Troubleshooting and Reference

Cisco MDS 9000 Family and Nexus 7000 Series System Messages Reference

Cisco MDS 9000 Family SAN-OS Troubleshooting Guide

Cisco MDS 9000 Family NX-OS MIB Quick Reference

Cisco DCNM for SAN Database Schema Reference

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.