EasyManuals Logo

Cisco 500 Series Administration Guide

Cisco 500 Series
653 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #568 background imageLoading...
Page #568 background image
Security: Secure Sensitive Data Management
SSD Rules
Cisco 500 Series Stackable Managed Switch Administration Guide 566
26
NOTE Note the following:
• The default Read mode for the Secure XML SNMP and Insecure XML SNMP
management channels must be identical to their read permission.
• Read permission Exclude is allowed only for Secure XML SNMP and
Insecure XML SNMP management channels; Exclude is not allowed for
regular secure and insecure channels.
• Exclude sensitive data in secure and Insecure XML-SNMP management
channels means that the sensitive data is presented as a 0 (meaning null
string or numeric 0). If the user wants to view sensitive data, the rule must
be changed to plaintext.
• By default, an SNMPv3 user with privacy and XML-over-secure channels
permissions is considered to be a level-15 user.
• SNMP users on Insecure XML and SNMP (SNMPv1,v2, and v3 with no
privacy) channel are considered as All users.
• SNMP community names are not used as user names to match SSD rules.
• Access by a specific SNMPv3 user can be controlled by configuring an
SSD rule with a user name matching the SNMPv3 user name.
• There must always be at least one rule with read permission: Plaintext Only
or Both, because only users with those permissions are able to access the
SSD pages.
• Changes in the default read mode and read permissions of a rule will
become effective, and will be applied to the affected user(s) and channel of
all active management sessions immediately, excluding the session making
the changes even if the rule is applicable. When a rule is changed (add,
delete, edit), a system will update all the affected CLI/GUI sessions.
NOTE When the SSD rule applied upon the session login is changed from
within that session, the user must log out and back in to see the change.
NOTE When doing a file transfer initiated by an XML or SNMP command, the
underlying protocol used is TFTP. Therefore, the SSD rule for insecure
channel will apply.
SSD Rules and User Authentication
SSD grants SSD permission only to authenticated and authorized users and
according to the SSD rules. A device depends on its user authentication process
to authenticate and authorize management access. To protect a device and its
data including sensitive data and SSD configurations from unauthorized access, it

Table of Contents

Other manuals for Cisco 500 Series

Preview: Quick Start Guide
Quick Start Guide72 pages
Preview: Quick Start Quide
Quick Start Quide12 pages
Preview: Safety Information
Safety Information42 pages
Preview: User Guide
User Guide6 pages
Preview: Datasheet
Datasheet5 pages
Preview: Troubleshooting And Maintenance
Troubleshooting And Maintenance14 pages
Preview: Quick Reference Guide
Quick Reference Guide7 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 500 Series and is the answer not in the manual?

Cisco 500 Series Specifications

General IconGeneral
ModelCisco 500 Series
CategorySwitch
MountingRack-mountable
ManagementWeb-based, CLI, SNMP
Ports24, 48
Port Speed10/100/1000 Mbps
PoE SupportAvailable on some models
Switching CapacityUp to 176 Gbps
MAC Address Table Size16, 000 entries
SecurityACLs, 802.1X
Quality of Service (QoS)Yes
DimensionsVaries by model
WeightVaries by model
Humidity10% to 90% non-condensing
Power SupplyInternal
Power ConsumptionVaries by model
Jumbo Frame SupportUp to 9216 bytes

Related product manuals