Securing or unsecuring the FibreBridge bridge

To easily disable potentially unsecure Ethernet protocols on a bridge, beginning with ONTAP 9.6 you can secure the bridge. This disables the bridge's Ethernet ports. You can also reenable Ethernet access.

About this task

Securing the bridge disables telnet and other IP port protocols and services (FTP, ExpressNAV, ICMP, or QuickNAV) on the bridge.
This procedure uses out-of-band management using the ONTAP prompt, which is available beginning with ONTAP 9.5.
You can issue the commands from the bridge CLI if you are not using out-of-band management.
The unsecurebridge command can be used to reenable the Ethernet ports.

Note

Starting with ONTAP 9.8, the storage bridge command is replaced with system bridge. The following steps show the storage bridge command but if you are running ONTAP 9.8 or later the system bridge command is preferred.

From the ONTAP prompt of the cluster containing the bridge, secure or unsecure the bridge.
Example
The following command secures bridge_A_1:
cluster_A> storage bridge run-cli -bridge bridge_A_1 -command securebridge
The following command unsecures bridge_A_1:
cluster_A> storage bridge run-cli -bridge bridge_A_1 -command unsecurebridge
From the ONTAP prompt of the cluster containing the bridge, save the bridge configuration: storage bridge run-cli -bridge bridge-name -command saveconfiguration
Example
The following command secures bridge_A_1:
cluster_A> storage bridge run-cli -bridge bridge_A_1 -command saveconfiguration
From the ONTAP prompt of the cluster containing the bridge, restart the bridge's firmware: storage bridge run-cli -bridge bridge-name -command firmwarerestart
Example
The following command secures bridge_A_1:
cluster_A> storage bridge run-cli -bridge bridge_A_1 -command firmwarerestart

Give documentation feedback