Security: Secure Sensitive Data Management
Introduction
Cisco 500 Series Stackable Managed Switch Administration Guide
Secure Sensitive Data (SSD) is an architecture that facilitates the protection of
sensitive data on a device, such as passwords and keys. The facility makes use of
passphrases, encryption, access control, and user authentication to provide a
secure solution to managing sensitive data.
The facility is extended to protect the integrity of configuration files, to secure the
configuration process, and to support SSD zero-touch auto configuration.
•
Introduction
•
SSD Rules
•
SSD Properties
•
Configuration Files
•
SSD Management Channels
•
Menu CLI and Password Recovery
•
Configuring SSD
SSD protects sensitive data on a device, such as passwords and keys, permits
and denies access to sensitive data encrypted and in plain text based on user
and SSD rules
credentials
from being tampered with.
In addition, SSD enables the secure backup and sharing of configuration files
containing sensitive data.
SSD provides users with the flexibility to configure the desired level of protection
on their sensitive data; from
protection with encryption based on the default passphrase, and better protection with
encryption based on user-defined passphrase.
, and protects configuration files containing sensitive data
no protection with sensitive data in plaintext, minimum
26
562