hit counter script

Cisco SD208T-NA Administration Manual page 264

Administration guide
Table of Contents

Advertisement

Secure Sensitive Data
Configuration Files
Cisco Small Business 200 Series Smart Switch Administration Guide
Configuration commands with encrypted sensitive data, that are encrypted
with the key generated from the local passphrase, are configured into the
Running Configuration. Otherwise, the configuration command is in error,
and is not incorporated into the Running Configuration file.
Backup and Mirror Configuration File
A device periodically generates its Mirror Configuration file from the Startup
Configuration file if auto mirror configuration service is enabled. A device always
generates a Mirror Configuration file with encrypted sensitive data. Therefore, the
File SSD Indicator in a Mirror Configuration file always indicates that the file
contains encrypted sensitive data.
By default, auto mirror configuration service is enabled. To configure auto mirror
configuration to be enabled or disabled, click Administration > File Management >
Configuration File Properties.
A user can display, copy, and upload the complete mirror and backup
configuration files, subject to SSD read permission, the current read mode in the
session, and the file SSD indicator in the source file as follows:
If there is no file SSD indicator in a mirror or backup configuration file, all
users are allowed to access the file.
A user with Both read permission can access all mirror and backup
configuration files. However, if the current read mode of the session is
different than the file SSD indicator, the user is presented with a prompt
indicating that this action is not allowed.
A user with Plaintext Only permission can access mirror and backup
configuration files if their file SSD Indicator shows Exclude or Plaintext Only
sensitive data.
A user with Encrypted Only permission can access mirror and backup
configuration files with their file SSD Indicator showing Exclude or
Encrypted sensitive data.
A user with Exclude permission cannot access mirror and backup
configuration files with their file SSD indicator showing either encrypted or
plaintext sensitive data.
The user should not manually change the file SSD indicator that conflicts with the
sensitive data, if any, in the file. Otherwise, plaintext sensitive data may be
unexpectedly exposed.
19
265

Advertisement

Table of Contents
loading

Table of Contents