Cisco SR224T Administration Guide - Page 255

Secure Sensitive Data SSD Rules 19 - (Higher) Plaintext Only-Users are permitted to access sensitive data in plaintext only. Users will also have read and write permission to SSD parameters as well. - (Highest) Both-Users have both encrypted and plaintext permissions and are permitted to access sensitive data as encrypted and in plaintext. Users will also have read and write permission to SSD parameters as well. Each management channel allows specific read permissions. The following summarizes these. Table 1 Read Permissions Allowed per Management Channel Management Channel Read Permission Options Allowed Secure Both, Encrypted Only Insecure Both, Encrypted Only Secure XML SNMP Exclude, Plaintext Only Insecure XML SNMP Exclude, Plaintext Only • Default Read Mode-All default read modes are subjected to the read permission of the rule. The following options exist, but some might be rejected, depending on the read permission. If the user-defined read permission for a user is Exclude (for example), and the default read mode is Encrypted, the user-defined read permission prevails. - Exclude-Do not allow reading sensitive data. - Encrypted-Sensitive data is presented in encrypted form. - Plaintext-Sensitive data is presented in plaintext form. Each management channel allows specific read presumptions. The following summarizes these. Table 2 Default Read Modes for Read Permissions Read Permission Default Read Mode Allowed Exclude Exclude Encrypted Only *Encrypted Plaintext Only *Plaintext Cisco Small Business 200 Series Smart Switch Administration Guide 256