Cisco SR224T-NA Administration Guide - Page 264
Backup and Mirror Configuration File, Administration > File Management >
![]() |
View all Cisco SR224T-NA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 264 highlights
Secure Sensitive Data Configuration Files 19 • Configuration commands with encrypted sensitive data, that are encrypted with the key generated from the local passphrase, are configured into the Running Configuration. Otherwise, the configuration command is in error, and is not incorporated into the Running Configuration file. Backup and Mirror Configuration File A device periodically generates its Mirror Configuration file from the Startup Configuration file if auto mirror configuration service is enabled. A device always generates a Mirror Configuration file with encrypted sensitive data. Therefore, the File SSD Indicator in a Mirror Configuration file always indicates that the file contains encrypted sensitive data. By default, auto mirror configuration service is enabled. To configure auto mirror configuration to be enabled or disabled, click Administration > File Management > Configuration File Properties. A user can display, copy, and upload the complete mirror and backup configuration files, subject to SSD read permission, the current read mode in the session, and the file SSD indicator in the source file as follows: • If there is no file SSD indicator in a mirror or backup configuration file, all users are allowed to access the file. • A user with Both read permission can access all mirror and backup configuration files. However, if the current read mode of the session is different than the file SSD indicator, the user is presented with a prompt indicating that this action is not allowed. • A user with Plaintext Only permission can access mirror and backup configuration files if their file SSD Indicator shows Exclude or Plaintext Only sensitive data. • A user with Encrypted Only permission can access mirror and backup configuration files with their file SSD Indicator showing Exclude or Encrypted sensitive data. • A user with Exclude permission cannot access mirror and backup configuration files with their file SSD indicator showing either encrypted or plaintext sensitive data. The user should not manually change the file SSD indicator that conflicts with the sensitive data, if any, in the file. Otherwise, plaintext sensitive data may be unexpectedly exposed. Cisco Small Business 200 Series Smart Switch Administration Guide 265
![](/manual_guide/products/cisco-sr224t-administration-guide-6b1cd67/264.png)