A storage area network (SAN) attaches remote storage devices to servers. Fibre Channel is one type of SAN and has become the SAN most used for enterprise networks. Zoning is a fabric management service included in the Fibre Channel protocol that can be used to create logical subsets of devices within a Storage Area Network and enables the partitioning of resources for the management and access control of frame traffic between ports. If a zone including a selected number of ports is set up and activated then communication through any port in the zone is only allowed with other ports in the zone.
Fibre Channel zones are created to increase network security and prevent data loss or corruption. For example, it may be desirable to screen off certain devices on a fabric in order to perform testing and/or maintenance activities on only those devices without the risk of interfering with the other devices on the fabric. Devices may need to be segregated according to their operating system or other technical features, certain devices may wish to receive only frames using a certain protocol, or access to or by certain devices may need to be restricted for security reasons. Additionally, the system may wish to monitor the characteristics of individual frames being sent within the fabric. A Fibre Channel zone may be implemented by programming Access Control Lists (ACLs) at the ports in the Fibre Channel zone. The ACL at a particular port is programmed to allow access only to other ports in a defined Fibre Channel zone.