Zone Types
Zones can be hard (hardware enforced) or soft (advisory).
In a hard zone, sometimes referred to as a port zone, zone members are specified by physical port number. In a soft zone, at least one zone member is specified logically by World Wide Name (WWN).
Hard Zones In a hard zone, all zone members are specified as switch ports; any number
of ports in the fabric can be configured to the zone. When a zone member is
specified by port number, only the individual device port specified is
included in the zone.
Hard zones are position-dependent, that is, a device is identified by the
physical port to which it is connected. Switch hardware ensures that there is
no data transfer between unauthorized zone members. However, devices can
transfer data between ports within the same zone. Consequently, hard zoning
provides the greatest security possible. Use it where security must be rigidly
enforced.
Soft Zones In a soft zone, at least one zone member is specified by WWN. A device is
included in a zone if either the node WWN or port WWN specified matches
an entry in the name server table.
When a device logs in, it queries the name server for devices within the
fabric. If zoning is in effect, only the devices in the same zone(s) are
returned. Other devices are hidden from the name server query reply. When
a WWN is specified, all ports on the specified device are included in the
zone.
Soft zones are name server-dependent and therefore provide more flexibility
- new devices can be attached without regard to physical location. However,
the switch does not control data transfer so there is no guarantee against data
transfer from unauthorized zone members. Use soft zoning where flexibility
is important and security can be ensured by the cooperating hosts.
In addition to hard and soft zones, a third type of zone is also available:
Broadcast Zone Only one broadcast zone can exist within a fabric. It is named
“broadcast” and it is used to specify those nodes that are to receive broadcast traffic.
This type of zone is hardware enforced; the switch controls data transfer to a
port.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment