To protect mission-critical data in your storage system from illegal access, apply security policies to logical volumes.
If LUN security is enabled on ports, host groups affect which host can access which LUs. Hosts can access only the LUs associated with the host group to which the hosts belong. Hosts cannot access LUs associated with other host groups. For example, hosts in the hp-ux host group cannot access LUs associated with the windows host group. Also, hosts in the windows host group cannot access LUs associated with the hp-ux host group.
LUN security is disabled, by default, on each port. When you configure your storage system, you must enable LUN security on each port to which hosts are connected. When registering hosts in multiple host groups, you must enable LUN security (set the switch to enabled). When you change LUN security from disabled to enabled, you must specify the WWN of the host bus adapter.
Enabling LUN security example
In this example, LUN security is enabled on port CL1-A. The two hosts in the hg-lnx host group can access only three LUs (00:00:00, 00:00:01, and 00:00:02). The two hosts in the hg-hpux host group can access only two LUs (00:02:01 and 00:02:02). The two hosts in the hg-solar host group can access only two LUs (00:01:05 and 00:01:06).
Disabling LUN security example
Typically, you do not need to disable LUN security on ports. For example, if LUN security is disabled on a port, the connected hosts can access only the LUs associated with host group 0 and cannot access LUs associated with any other host group.
Host group 0 is the only host group reserved, by default, for each port.
The default name of host group 0 consists of the port name, a hyphen (-), and the number 00. For example, the default name of host group 0 for port 1A is 1A-G00. However, you can change the default name of the host group 0.