– Identifies each device in a specified zone by WWN – Zones “follow” devices – WWNs can be spoofed – Easier to manage but slightly less secure
When WWN zoning is used: Node WWPNs are assigned to zones. If a zoned device is unplugged from a port, the port does not belong to any zone and is therefore still secure. If the zoned device is moved to another port, the device will still belong to the correct zone. The zone “follows” the device WWN. WWNs can be spoofed if someone knows the correct WWN. An attacker could spoof frame addresses, and may be able to infiltrate soft zones by trying various initiator and target addresses. WWN zoning is therefore somewhat less secure than port zoning, but has the advantage of being easier to manage.