Security: Secure Sensitive Data Management
Configuring SSD
377 Cisco Small Business 300 Series Managed Switch Administration Guide
18
- Level 15—Indicates that this rule applies to all users with privilege level
15.
- All—Indicates that this rule applies to all users.
• Channel—This defines the security level of the input channel to which the
rule applies: Select one of the following options:
- Secure—Indicates that this rule applies only to secure channels
(console, SCP, SSH and HTTPS), not including the
SNMP and XML
channels.
- Insecure—Indicates that this rule applies only to insecure channels
(Telnet, TFTP and HTTP), not including the SNMP and XML channels.
- Secure XML SNMP—Indicates that this rule applies only to XML over
HTTPS and SNMPv3 with privacy.
- Insecure XML SNMP—Indicates that this rule applies only to XML over
HTTP or and SNMPv1/v2and SNMPv3 without privacy.
• Read Permission—The read permissions associated with the rule. These
can be the following:
- Exclude—Lowest read permission. Users are not permitted to get
sensitive data in any form.
- Plaintext Only—Higher read permission than above ones. Users are
permitted to get sensitive data in plaintext only.
- Encrypted Only—Middle read permission. Users are permitted to get
sensitive data as encrypted only.
- Both (Plaintext and Encrypted)—Highest read permission. Users have
both encrypted and plaintext permissions and are permitted to get
sensitive data as encrypted and in plaintext
• Default Read Mode—All default read modes are subjected to the read
permission of the rule. The following options exist, but some might be
rejected, depending on the rule’s read permission.
- Exclude—Do not allow reading the sensitive data.
- Encrypted—Sensitive data is presented encrypted.
- Plaintext—Sensitive data is presented as plaintext.
STEP 3 The following actions can be performed:
• Restore to Default—Restore a user-modified default rule to the default rule.
