Cisco 500 Series Administration Manual page 569
Stackable managed
Hide thumbs
Also See for 500 Series:
- Configuration manual (1140 pages) ,
- Administration manual (485 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
26
NOTE
567
is recommended that the user authentication process on a device is secured. To
secure the user authentication process, you can use the local authentication
database, as well as secure the communication through external authentication
servers, such as a RADIUS server. The configuration of the secure communication
to the external authentication servers are sensitive data and are protected under
SSD.
The user credential in the local authenticated database is already protected by a
non SSD related mechanism
If a user from a channel issues an action that uses an alternate channel, the device
applies the read permission and default read mode from the SSD rule that match
the user credential and the alternate channel. For example, if a user logs in via a
secure channel and starts a TFTP upload session, the SSD read permission of the
user on the insecure channel (TFTP) is applied
Default SSD Rules
The device has the following factory default rules:
Table 8
Rule Key
User
Channel
Level
Secure XML
15
SNMP
Level
Secure
15
Level
Insecure
15
All
Insecure XML
SNMP
All
Secure
All
Insecure
The default rules can be modified, but they cannot be deleted. If the SSD default
rules have been changed, they can be restored.
Security: Secure Sensitive Data Management
Rule Action
Read
Permission
Plaintext Only
Both
Both
Exclude
Encrypted Only
Encrypted Only
Cisco 500 Series Stackable Managed Switch Administration Guide
Default Read Mode
Plaintext
Encrypted
Encrypted
Exclude
Encrypted
Encrypted
SSD Rules
Hide quick links:
Advertisement
Table of Contents
