Cisco Cisco SG500-52PP 52-port Gigabit Max PoE+ Stackable Managed Switch 维护手册
Security: Secure Sensitive Data Management
Configuration Files
571
Cisco 500 Series Stackable Managed Switch Administration Guide
26
Read Mode
Each session has a Read mode. This determines how sensitive data appears. The
Read mode can be either Plaintext, in which case sensitive data appears as
regular text, or Encrypted, in which sensitive data appears in its encrypted form.
Read mode can be either Plaintext, in which case sensitive data appears as
regular text, or Encrypted, in which sensitive data appears in its encrypted form.
Configuration Files
A configuration file contains the configuration of a device. A device has a Running
Configuration file, a Startup Configuration file, a Mirror Configuration file
(optionally), and a Backup Configuration file. A user can manually upload and
download a configuration file to and from a remote file-server. A device can
automatically download its Startup Configuration from a remote file server during
the auto configuration stage using DHCP. Configuration files stored on remote file
servers are referred to as remote configuration files.
Configuration file, a Startup Configuration file, a Mirror Configuration file
(optionally), and a Backup Configuration file. A user can manually upload and
download a configuration file to and from a remote file-server. A device can
automatically download its Startup Configuration from a remote file server during
the auto configuration stage using DHCP. Configuration files stored on remote file
servers are referred to as remote configuration files.
A Running Configuration file contains the configuration currently being used by a
device. The configuration in a Startup Configuration file becomes the Running
Configuration after reboot. Running and Startup Configuration files are formatted
in internal format. Mirror, Backup, and the remote configuration files are text-based
files usually kept for archive, records, or recovery. During copying, uploading, and
downloading a source configuration file, a device automatically transforms the
source content to the format of the destination file if the two files are of different
formats.
device. The configuration in a Startup Configuration file becomes the Running
Configuration after reboot. Running and Startup Configuration files are formatted
in internal format. Mirror, Backup, and the remote configuration files are text-based
files usually kept for archive, records, or recovery. During copying, uploading, and
downloading a source configuration file, a device automatically transforms the
source content to the format of the destination file if the two files are of different
formats.
File SSD Indicator
When copying the Running or Startup Configuration file into a text-based
configuration file, the device generates and places the file SSD indicator in the
text-based configuration file to indicate whether the file contains encrypted
sensitive data, plaintext sensitive data or excludes sensitive data.
configuration file, the device generates and places the file SSD indicator in the
text-based configuration file to indicate whether the file contains encrypted
sensitive data, plaintext sensitive data or excludes sensitive data.
•
The SSD indicator, if it exists, must be in the configuration header file.
•
A text-based configuration that does not include an SSD indicator is
considered not to contain sensitive data.
considered not to contain sensitive data.
•
The SSD indicator is used to enforce SSD read permissions on text-based
configuration files, but is ignored when copying the configuration files to the
Running or Startup Configuration file.
configuration files, but is ignored when copying the configuration files to the
Running or Startup Configuration file.