Security: Secure Sensitive Data Management
Configuration Files
NOTE
Cisco Sx350, SG350X, SG350XG, Sx550X & SG550XG Series Managed Switches, Firmware Release 2.2.5.x
•
If there is no file SSD indicator in a mirror or backup configuration file, all users are
allowed to access the file.
•
A user with Both read permission can access all mirror and backup configuration files.
However, if the current read mode of the session is different than the file SSD
indicator, the user is presented with a prompt indicating that this action is not allowed.
•
A user with Plaintext Only permission can access mirror and backup configuration
files if their file SSD Indicator shows Exclude or Plaintext Only sensitive data.
•
A user with Encrypted Only permission can access mirror and backup configuration
files with their file SSD Indicator showing Exclude or Encrypted sensitive data.
•
A user with Exclude permission cannot access mirror and backup configuration files
with their file SSD indicator showing either encrypted or plaintext sensitive data.
The user should not manually change the file SSD indicator that conflicts with the sensitive
data, if any, in the file. Otherwise, plaintext sensitive data may be unexpectedly exposed.
Sensitive Data Zero-Touch Auto Configuration
SSD Zero-touch Auto Configuration is the auto configuration of target devices with encrypted
sensitive data, without the need to manually pre-configure the target devices with the
passphrase whose key is used to encrypted the sensitive data.
The device currently supports Auto Configuration, which is enabled by default. When Auto
Configuration is enabled on a device and the device receives DHCP options that specify a file
server and a boot file, the device downloads the boot file (remote configuration file) into the
Startup Configuration file from a file server, and then reboots.
The file server may be specified by the bootp siaddr and sname fields, as well as DHCP option
150 and statically configured on the device.
The user can safely auto configure target devices with encrypted sensitive data, by first
creating the configuration file that is to be used in the auto configuration from a device that
contains the configurations. The device must be configured and instructed to:
•
Encrypt the sensitive data in the file
•
Enforce the integrity of the file content
•
Include the secure, authentication configuration commands and SSD rules that
properly control and secure the access to devices and the sensitive data
18
330