The server / datacenter guys here are seriously looking at the HP c-Class blade system and the Cisco 3020 blade switches. I like the fact that the 16 internal ports remove the need for me to manually patch each individual bladeserver, but I'm concerned about the having to grant the server guys configuration access to the 3020's in order to allocate ports to blades.
Right now they have no access, not even read-only, to the server distribution switches (6509's), mostly because they've never needed to, and also because we don't trust 'em :-) (I'm not an admin on their servers, they're not admins on my switches!)
I intend on implementing the same features/functionality on the Cisco 3020 that we do on our other switches, including AAA TACACS+ authentication, QoS, trunking/uplink options, etc.
However, even after reading all of the documentation (both Cisco and HP) I'm not sure:
1) using the CLI, can I assign a switchport to a bladeserver, or is that only accomplished via the HP Virtual Connect (or other) GUI application?
2) Is it possible (using Cisco ACS via TACACS or RADIUS) to give the server admins Read-only access to the switchport config, and/or JUST the ability to modify which bladeserver maps to which internal port?
Is it possible/feasible to lock the server guys out of the 3020 entirely, and if so what are the downsides.
3) Is the 3020 supported via Ciscoworks LMS (RME config pulls, ios updates)?
Any experiences with the 3020, good or bad, would be greatly appreciated!