Fabric OS Administrator's Guide v7.0.0 (53-1002148-02, June 2011)
Fabric OS Administrator’s Guide 117
53-1002148-02
Chapter
6
Configuring Protocols
In this chapter
•Security protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
•Secure Copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
•Secure Shell protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
•Secure Sockets Layer protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
•Simple Network Management Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
•Telnet protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
•Listener applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
•Ports and applications used by switches. . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Security protocols
Security protocols provide endpoint authentication and communications privacy using
cryptography. Typically, you are authenticated to the switch while the switch remains
unauthenticated to you. This means that you can be sure with what you are communicating. The
next level of security, in which both ends of the conversation are sure with whom they are
communicating, is known as two-factor authentication. Two-factor authentication requires public
key infrastructure (PKI) deployment to clients.
Fabric OS supports the secure protocols shown in Table 18.
TABLE 18 Secure protocol support
Protocol Description
HTTPS HTTPS is a Uniform Resource Identifier scheme used to indicate a secure HTTP connection. Web Tools
supports the use of hypertext transfer protocol over secure socket layer (HTTPS).
IPsec Internet Protocol Security (IPsec) is a framework of open standards for providing confidentiality,
authentication and integrity for IP data transmitted over untrusted links or networks.
LDAPS Lightweight Directory Access Protocol over SSL uses a certificate authority (CA). By default, LDAP traffic
is transmitted unsecured. You can make LDAP traffic confidential and secure by using Secure Sockets
Layer (SSL) / Transport Layer Security (TLS) technology in conjunction with LDAP.
SCP Secure Copy (SCP) is a means of securely transferring computer files between a local and a remote
host or between two remote hosts, using the Secure Shell (SSH) protocol. Configuration upload and
download support the use of SCP.
SNMP SNMP is used in network management systems to monitor network-attached devices for conditions
that warrant administrative attention. Supports SNMPv1, v2, and v3.