Page15Reference informationTerminologyCHAP (Challenge Handshake Authentication Protocol). An optional security protocol used to control access to an iSCSI storagesystem by restricting use of the iSCSI data ports on both the host server and iSCSI to SAS bridge. For more information on thetypes of CHAP authentication supported, see Understanding CHAP Authentication.Host server port iSCSI port on the host server used to connect it to bridge.iSCSI initiator The iSCSI-specific software installed on the host server that controls communications between the host serverand the iSCSI to SAS bridge.NOTE: A NOTE indicates important information that helps you make better use of your computer.NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid theproblem.Understanding CHAP AuthenticationBefore proceeding to either Step 5: Configure CHAP Authentication on the ISCSI to SAS bridge (optional)orStep 6: Configure CHAP Authentication on the Host Server (optional), it would be useful to gain anoverview of how CHAP authentication works.What is CHAP?Challenge Handshake Authentication Protocol (CHAP) is an optional iSCSI authentication method wherethe iSCSI to SAS bridge (target) authenticates iSCSI initiators on the host server. Two types of CHAP aresupported: target CHAP and mutual CHAP.Target CHAPIn target CHAP, the iSCSI to SAS bridge authenticates all requests for access issued by the iSCSIinitiator(s) on the host server via a CHAP secret. To set up target CHAP authentication, you enter aCHAP secret on the iSCSI to SAS bridge, then configure each iSCSI initiator on the host server to sendthat secret each time it attempts to access the iSCSI to SAS bridge.Mutual CHAPIn addition to setting up target CHAP, you can set up mutual CHAP in which both the iSCSI to SAS bridgeand the iSCSI initiator authenticate each other. To set up mutual CHAP, you configure the iSCSI initiatorwith a CHAP secret that the iSCSI to SAS bridge must send to the host sever in order to establish aconnection.In this two-way authentication process, both the host server and the iSCSI to SAS bridge are sendinginformation that the other must validate before a connection is allowed.CHAP is an optional feature and is not required to use iSCSI. However, if you do not configure CHAPauthentication, any host server connected to the same IP network as the iSCSI to SAS bridge can readfrom and write to the iSCSI to SAS bridge.Using iSNSiSNS (Internet Storage Naming Service) Server, supported only on Windows iSCSI environments,eliminates the need to manually configure each individual iSCSI to SAS bridge with a specific list ofinitiators and target IP addresses. Instead, iSNS automatically discovers, manages, and configures alliSCSI devices in your environment.For more information on iSNS, including installation and configuration, see www.microsoft.com