I understand that "service private-config-encryption" encrypts all passwords and crypto-related keys in NVRAM, but the configuration itself, including firewall rules and IP addresses, are still plain text.
Is there any available mechanism to protect the entirety of the configuration?
The use case we envision is to allow a dead router to be thrown out without concern for dumpster divers recovering our configuration.
Thanks!