Table of Contents
Advertisement
Security: Secure Sensitive Data Management
SSD Management Channels
NOTE
SSD Management Channels
Cisco Small Business 200 Series Smart Switch Administration Guide
If the device creating the configuration file is in Unrestricted passphrase control
mode, the device includes the passphrase in the file. As a result, the user can auto
configure the target devices, including devices that are out-of-the-box or in factory
default, with the configuration file without manually pre-configuring the target
devices with the passphrase. This is zero touch because the target devices learn
the passphrase directly from the configuration file.
Devices that are out-of-the-box or in factory default states use the default
anonymous user to access the SCP server.
Devices can be managed over management channels such as telnet, SSH, and
web. SSD categories the channels into the following types based on their security
and/or protocols: secured, insecure, secure-XML-SNMP, and insecure-XML-SNMP.
The following describes whether SSD considers each management channel to be
secure or insecure. If it is insecure, the table indicates the parallel secure channel.
Security of Management Channels
Management Channels
Management Channel
GUI/HTTP
GUI/HTTPS
XML/HTTP
XML/HTTPS
SNMPv1/v2/v3 without
privacy
SNMPv3 with privacy
TFTP
SCP (Secure Copy)
SSD Management
Channel Type
Insecure
Secure
Insecure-XML-
SNMP
Secure-XML-SNMP
Insecure-XML-
SNMP
Secure-XML-SNMP
(level-15 users)
Insecure
Secure
19
Parallel Secured
Management Channel
GUI/HTTPS
XML/HTTPS
Secure-XML-SNMP
SCP
300
Advertisement
Table of Contents
