Data Sanitization
Use the National Institute of Standards and Technology (NIST) purge method that renders the data unrecoverable through simple, non-invasive data recovery techniques or through state-of-the-art laboratory techniques.
Note |
Unless otherwise stated, the data sanitization instructions provide NIST 800-88 clear sanitization techniques in user-addressable storage locations for protection against simple non-invasive data recovery techniques and do not provide techniques that render data recovery infeasible using state of the art laboratory techniques. |
Follow these steps to remove the files from a flash drive:
Procedure
Step 1 |
factory-reset all secure Example:
Purges the data on the flash. |
||
Step 2 |
Copy the image to the flash using TFTP. For more information, see Copying Image Files using TFTP. |
||
Step 3 |
reload Example:
Reloads the device.
|
||
Step 4 |
show platform software factory-reset secure log Example:
Displays the data sanitization report. |
Example: Data Sanitization
The following example shows how to reset all data from a device:
Device# factory-reset all secure
The factory reset operation is irreversible for all operations. Are you sure? [confirm]
The following will be deleted as a part of factory reset: NIST-SP-800-88-R1
1: Crash info and logs
2: User data, startup and running configuration
3: All IOS images, including the current boot image
4: User added rommon variables
5: OBFL logs
6: License usage log files
Note:
1. You are advised to COPY an IOS image via TFTP after factory-reset and before reloading
the box (OPTIONAL)
2. Then, Reload the box for factory-reset to complete
DO NOT UNPLUG THE POWER OR INTERRUPT THE OPERATION
Are you sure you want to continue?
[confirm]
% factory-reset: started.
% Format of nvram start..
% Format of nvram end...
*Sep 20 11:36:14.980: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
% Erase of obfl0 start...
................................
% Erase of obfl0 end...
% Validating obfl0 partition...
00000000: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
...............................................................
003FFFF0: **
.
% Format of obfl0 start
% Format of obfl0 complete
% Erase of rsvd start...
.......
% Erase of rsvd end...
% Validating rsvd partition...
00000000: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
.............
000DFFF0: **
.
% Erase of flash start...
.................................................................................................................................................................
% Erase of flash end...
% Validating flash partition...
00000000: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
.................................................................................................................................................................
0E9FFFF0: **
.
% Format of flash start
% Format of flash complete
% Format of vb: start...
% Format of vb: end...
% act2 erase started...
------ USER 1 ------------------
ObjectID ObjectType ObjectSize
===================================
0xBA7E1F05 0x01 0x00DC
% act2 erase completed...
#CISCO C1000-48T-4G-L DATA SANITIZATION REPORT#
START : 2022-09-20 11:36:11
END : 2022-09-20 11:37:28
PNM : NAND
MNM : IS34/35ML02G084
MID : 0x00
DID : 0xDAC8
NIST : PURGE SUCCESS
% factory-reset: logging success...
% FACTORY-RESET - Secure Successfull...
1. You are advised to COPY an IOS image via TFTP before reloading the box (OPTIONAL)
2. Then, Reload the box for factory-reset to complete
The following is sample output from the show platform software factory-reset secure log command after a secure factory reset of the device:
Device# show platform software factory-reset secure log
#CISCO C1000-48T-4G-L DATA SANITIZATION REPORT#
START : 2022-07-13 10:50:29
END : 2022-07-13 10:51:45
PNM : NAND
MNM : IS34/35ML02G084
MID : 0x00
DID : 0xDAC8
NIST : PURGE SUCCESS