HPE Community
HPE Aruba Networking & ProVision-based
1832535 Members
7837 Online
110043 Solutions
New Discussion

Switch Sanitisation

 
KnownAssociate
New Member

‎03-30-2011 05:37 AM

‎03-30-2011 05:37 AM

Switch Sanitisation

Hi,

 

we use a HP Procurve E6200 (J8992A) Switch and have a need to erase all the data from any flash memory on-board.  This is to allow the switch to be re-used elsewhere with a good degree of confidence that no existing data remains on the switch.

 

I understand this unit does not have a CF capability so does anyone know if sanitisation of this switch is possible to current UK government standards.

 

Alternatively if the switch Seperates network (user) traffic from configuration data and firmware, we could argue that the flash can never be loaded with user data so does not need to be erased.  If Seperation of data  is provided it would probably need to be certifiied to EAL4.

 

Any suggestions or ideas welcome.

Thanks

KA

0 Kudos
1 REPLY 1
Gerhard Roets
Esteemed Contributor

‎04-04-2011 02:15 AM

‎04-04-2011 02:15 AM

Re: Switch Sanitisation

Hi "KnownAssociate"

 

Depending on your requirements you might want to contact HP support if you need an official statement of volatility.

 

When you clean the CF card remember

1. Erase all the config files. (There might be more than one see "show config files" ).

2. Remove the all ssh keys(private and public if you installed them).

3. Remove any SSL certificates you might have generated or installed.

4. Remove any core-dumps from the switch "see "show boot" and "erase "core-dump".

 

Other items the switch might sotre on the config file which is not easy to remove is which config file to boot from. This should nto have a security imapct as it is basically a num from 1 through 3

Which operating system to boot primary or secondary.

 

Lastly when you are done removing all these. Unplug the power from the switch for a while to ensure that the event log and "crash-data" and "crash-log" if there are any gets cleaned up.

 

This should give you a sanitized switch.

 

Hope this helps

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.