Manualshelf

User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Email Security Appliance C680
871872873874875876877878879880
33-9
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 33 System Administration
Managing the Configuration File
You can encrypt the user’s passwords by clicking the Encrypt passwords in the Configuration Files
checkbox. The following are the critical security parameters in the configuration file that will be
encrypted.
Certificate private keys
RADIUS passwords
LDAP bind passwords
Local users' password hashes
SNMP password
DK/DKIM signing keys
Outgoing SMTP authentication passwords
PostX encryption keys
PostX encryption proxy password
FTP Push log subscriptions' passwords
IPMI LAN password
Updater server URLs
Note For enhanced security, if encryption of sensitive data in the appliance is enabled in FIPS mode,
Plain passwords in the Configuration Files option is not displayed on the web interface.
Loading a Configuration File
Use the Load Configuration section of the System Administration > Configuration File page to load new
configuration information into the appliance. You can load information in one of three methods:
Placing information in the configuration directory and uploading it.
Uploading the configuration file directly from your local machine.
Pasting configuration information directly into the GUI.
Configuration files with masked passwords cannot be loaded.
Note In cluster mode, you can either choose to load the configuration for a cluster or an appliance. For
instructions to load cluster configuration, see Loading a Configuration in Clustered Appliances,
page 39-22.
Regardless of the method, you must include the following tags at the top of your configuration:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE config SYSTEM "config.dtd">
<config>
... your configuration information in valid XML
</config>