
April 14th, 2011 03:00

What is Fibre Channel Authentication Protocol

Hi There

Can anyone give me an overview of what Fibre Channel Authentication Protocol is and how it would work with a CLARiiON/VNX? Is it supported, etc.?

Beag

96 Posts

August 22nd, 2011 05:00

According to the Brocade FOS Admin guide (I suppose it will be the same for Cisco), FCAP is used to authenticate switches to each other.

"By default, Fabric OS v6.2.0 and later use DH-CHAP or FCAP protocols for authentication. These protocols use shared secrets and digital certificates, based on switch WWN and public key infrastructure (PKI) technology, to authenticate switches. Authentication automatically defaults to FCAP if both switches are configured to accept FCAP protocol in authentication. To use FCAP on both switches, PKI certificates have to be installed.

FCAP requires the exchange of certificates between two or more switches to authenticate to each other before they form or join a fabric. By default, these certificates are issued by Brocade, and therefore Brocade is the root CA for all of the issued certificates. You can change the default by getting your certificates from a third-party vendor. You can use Brocade certificates between the switches that are Fabric OS v6.4.0 and pre-v6.4.0. The certificates must be in PEM (Privacy Enhanced Mail) encoded format for both root and peer certificates. The switch certificates issued from the third-party vendors can be directly issued from the root CA or from an intermediate CA authority."

For use with end devices, DH-CHAP is commonly used and must be supported by the HBA. When it comes to CLARiiON/VNX, I have not found any info indicating that it is supported.
