Cisco Cisco Email Security Appliance C160 Mode D'Emploi
34-7
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 34 System Administration
Managing the Configuration File
Managing Configuration Files
To manage configuration files on your appliance, click the System Administration> Configuration
File.
File.
The Configuration File page contains the following sections:
•
Current Configuration - used to save and export the current configuration file.
•
Load Configuration - used to load a complete or partial configuration file.
•
End-User Safelist/Blocklist Database (Spam Quarantine) - For information, see
and
.
•
Reset Configuration - used to reset the current configuration back to the factory defaults (you
should save your configuration prior to resetting it).
should save your configuration prior to resetting it).
Note
The private keys and certificates are included in unencrypted PEM format along with the configuration
file with encrypted passphrase.
file with encrypted passphrase.
Saving and Exporting the Current Configuration File
Using the Current Configuration section of the System Administration > Configuration File page,
you can save the current configuration file to your local machine, save it on the appliance (placed in the
you can save the current configuration file to your local machine, save it on the appliance (placed in the
configuration
directory in the FTP/SCP root), or email it to the address specified.
The following information is not saved with the configuration file:
•
Certificates used for secure communications with services used by the URL filtering feature.
•
CCO User IDs and Contract ID saved on the Contact Technical Support page.
You can mask the user’s passphrases by clicking the Mask passphrases in the Configuration Files
checkbox. Masking a passphrase causes the original, encrypted passphrase to be replaced with “*****”
in the exported or saved file. Please note, however, that configuration files with masked passphrases
cannot be loaded back into AsyncOS.
checkbox. Masking a passphrase causes the original, encrypted passphrase to be replaced with “*****”
in the exported or saved file. Please note, however, that configuration files with masked passphrases
cannot be loaded back into AsyncOS.
You can encrypt the user’s passphrases by clicking the Encrypt passphrases in the Configuration Files
checkbox. The following are the critical security parameters in the configuration file that will be
encrypted.
checkbox. The following are the critical security parameters in the configuration file that will be
encrypted.
•
Certificate private keys
•
RADIUS passwords
•
LDAP bind passwords
•
Local users' password hashes
•
SNMP password
•
DK/DKIM signing keys
•
Outgoing SMTP authentication passwords
•
PostX encryption keys
•
PostX encryption proxy password
•
FTP Push log subscriptions' passwords
•
IPMI LAN password