EasyManuals Logo

Cisco 500 Series Administration Guide

Cisco 500 Series
653 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #571 background imageLoading...
Page #571 background image
Security: Secure Sensitive Data Management
SSD Properties
569 Cisco 500 Series Stackable Managed Switch Administration Guide
26
• Character Classes—The passphrase must have at least one upper case
character, one lower case character, one numeric character, and one special
character e.g. #,$.
Default and User-defined Passphrases
All devices come with a default, out-of-the box passphrase that is transparent to
users. The default passphrase is never displayed in the configuration file or in the
CLI/GUI.
If better security and protection are desired, an administrator should configure
SSD on a device to use a user-defined passphrase instead of the default
passphrase. A user-defined passphrase should be treated as a well-guard secret,
so that the security of the sensitive data on the device is not compromised.
A user-defined passphrase can be configured manually in plain text. It can also be
derived from a configuration file. (See Sensitive Data Zero-Touch Auto
Configuration). A device always displays user-defined passphrases encrypted.
Local Passphrase
A device maintains a local passphrase which is the passphrase of its Running
Configuration. SSD normally performs encryption and decryption of sensitive data
with the key generated from the local passphrase.
The local passphrase can be configured to be either the default passphrase or a
user-defined passphrase. By default, the local passphrase and default
passphrase are identical. It can be changed by administrative actions from either
the Command Line Interface (if available) or the web-based interface. It is
automatically changed to the passphrase in the startup configuration file, when the
startup configuration becomes the running configuration of the device. When a
device is reset to factory default, the local passphrase is reset to the default
passphrase.
Configuration File Passphrase Control
File passphrase control provides additional protection for a user-defined
passphrase, and the sensitive data that are encrypted with the key generated
from the user-defined passphrase, in text-based configuration files.
The following are the existing passphrase control modes:

Table of Contents

Other manuals for Cisco 500 Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 500 Series and is the answer not in the manual?

Cisco 500 Series Specifications

General IconGeneral
ModelCisco 500 Series
CategorySwitch
MountingRack-mountable
ManagementWeb-based, CLI, SNMP
Ports24, 48
Port Speed10/100/1000 Mbps
PoE SupportAvailable on some models
Switching CapacityUp to 176 Gbps
MAC Address Table Size16, 000 entries
SecurityACLs, 802.1X
Quality of Service (QoS)Yes
DimensionsVaries by model
WeightVaries by model
Humidity10% to 90% non-condensing
Power SupplyInternal
Power ConsumptionVaries by model
Jumbo Frame SupportUp to 9216 bytes

Related product manuals