Zeroization

Sometimes it is desirable to completely remove the information stored in user files from flash storage. The zeroization feature will remove and "zeroize" all the files from flash storage except software images. Information removed includes the following:

  • switch configurations

  • system generated private keys

  • user installed private keys

  • legacy manager/operator password files

  • crypto-key files

  • fdr logs

  • core dumps

Zeroization can be initiated in these ways:

  • CLI command erase all

  • ROM console command

  • During Secure Mode transition, initiated through the secure-mode CLI command executed in a serial session

The zeroization process takes some time, so it is performed during the initial process of a switch reboot. After zeroization, the configuration file is rebuilt from the default config file, which is similar to the config rebuilding process performed by the erase startup-config command.

When zeroization is triggered by a secure mode transition, HA handles zeroization on the AMM and SMM automatically.

When the CLI command (erase all zeroize) is used to start zeroization, the AMM syncs with the SMM and ensures that the SMM performs the same level of zeroization before the AMM starts the zeroization process on itself. The module that was the AMM before zeroization remains the AMM, unless it takes more than a minute for that module to boot up, in which case the prior SMM becomes the AMM.

When zeroization is started from the ROM console, there is no synchronization performed between the AMM and SMM, as zeroization from the ROM console is treated as a recovery facility. Each MM has to be zeroized individually.

For information about Secure Mode and zeroization, see "Secure Mode (5400zl)" in the Access Security Guide for your switch.