Cisco SR224T Administration Guide - Page 266

Secure Sensitive Data SSD Management Channels 19 SSD Management Channels Devices can be managed over management channels such as telnet, SSH, and web. SSD categories the channels into the following types based on their security and/or protocols: secured, insecure, secure-XML-SNMP, and insecure-XML-SNMP. The following describes whether SSD considers each management channel to be secure or insecure. If it is insecure, the table indicates the parallel secure channel. Security of Management Channels Management Channels Management Channel SSD Management Parallel Secured Channel Type Management Channel GUI/HTTP Insecure GUI/HTTPS GUI/HTTPS Secure XML/HTTP Insecure-XMLSNMP XML/HTTPS XML/HTTPS Secure-XML-SNMP TFTP Insecure HTTP based file transfer Insecure HTTPS-based file transfer HTTPS based file transfer Secure Menu CLI and Password Recovery The Menu CLI interface is only allowed to users if their read permissions are Both or Plaintext Only. Other users are rejected. Sensitive data in the Menu CLI is always displayed as plaintext. Password recovery is currently activated from the boot menu and allows the user to log on to the terminal without authentication. If SSD is supported, this option is only permitted if the local passphrase is identical to the default passphrase. If a device is configured with a user-defined passphrase, the user is unable to activate password recovery. Cisco Small Business 200 Series Smart Switch Administration Guide 267