EasyManuals Logo

Cisco Small Business 200 Series Administration Guide

Cisco Small Business 200 Series
337 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #297 background imageLoading...
Page #297 background image
Security: Secure Sensitive Data Management
SSD Properties
Cisco Small Business 200 Series Smart Switch Administration Guide 296
22
SSD Properties
SSD properties are a set of parameters that, in conjunction with the SSD rules, define and control the SSD
environment of a device. The SSD environment consists of these properties:
• Controlling how the sensitive data is encrypted.
• Controlling the strength of security on configuration files.
• Controlling how the sensitive data is viewed within the current session.
Passphrase
A passphrase is the basis of the security mechanism in the SSD feature, and is used to generate the key for
the encryption and decryption of sensitive data. Sx200, Sx300, Sx500, and SG500X/SG500XG/ESW2-
550X series switches that have the same passphrase are able to decrypt each other's sensitive data
encrypted with the key generated from the passphrase.
A passphrase must comply with the following rules:
• Length—Between 8-16 characters.
• Character Classes—The passphrase must have at least one upper case character, one lower case
character, one numeric character, and one special character e.g. #,$.
Default and User-defined Passphrases
All devices come with a default, out-of-the box passphrase that is transparent to users. The default
passphrase is never displayed in the configuration file or in the CLI/GUI.
If better security and protection are desired, an administrator should configure SSD on a device to use a
user-defined passphrase instead of the default passphrase. A user-defined passphrase should be treated
as a well-guard secret, so that the security of the sensitive data on the device is not compromised.
A user-defined passphrase can be configured manually in plain text. It can also be derived from a
configuration file. (See Sensitive Data Zero-Touch Auto Configuration). A device always displays user-
defined passphrases encrypted.
Local Passphrase
A device maintains a local passphrase which is the passphrase of its Running Configuration. SSD normally
performs encryption and decryption of sensitive data with the key generated from the local passphrase.

Table of Contents

Other manuals for Cisco Small Business 200 Series

Preview: User Manual
User Manual428 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Small Business 200 Series and is the answer not in the manual?

Cisco Small Business 200 Series Specifications

General IconGeneral
BrandCisco
ModelSmall Business 200 Series
CategorySwitch
LanguageEnglish

Related product manuals