Security: Secure Sensitive Data Management
Configuration Files
448 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)
21
The SSD indicator in a file is set according to the user’s instruction, during copy, to
include encrypted, plaintext or exclude sensitive data from a file.
SSD Control Block
When a device creates a text-based configuration file from its Startup or Running
Configuration file, it inserts an SSD control block into the file if a user requests the
file is to include sensitive data. The SSD control block, which is protected from
tampering, contains SSD rules and SSD properties of the device creating the file.
A SSD control block starts and ends with "ssd-control-start" and "ssd-control-end"
respectively.
Startup Configuration File
The device currently supports copying from the Running, Backup, Mirror, and
Remote Configuration files to a Startup Configuration file. The configurations in the
Startup Configuration are effective and become the Running Configuration after
reboot. A user can retrieve the sensitive data encrypted or in plaintext from a
startup configuration file, subject to the SSD read permission and the current SSD
read mode of the management session.
Read access of sensitive data in the startup configuration in any forms is excluded
if the passphrase in the Startup Configuration file and the local passphrase are
different.
SSD adds the following rules when copying the Backup, Mirror, and Remote
Configuration files to the Startup Configuration file:
• After a device is reset to factory default, all of its configurations, including
the SSD rules and properties are reset to default.
• If a source configuration file contains encrypted sensitive data, but is
missing an SSD control block, the device rejects the source file and the
copy fails.
• If there is no SSD control block in the source configuration file, the SSD
configuration in the Startup Configuration file is reset to default.
• If there is a passphrase in the SSD control block of the source configuration
file, the device will reject the source file, and the copy fails if there is
encrypted sensitive data in the file not encrypted by the key generated
from the passphrase in the SSD control block.
To Next Page
Loading...
Need help?
General
