01-04-2023 06:52 PM
Newer switches have the factory-reset all secure command which performs a NIST purge (see System Management Configuration Guide, Cisco IOS Release 15.2(7)E3k (Catalyst Micro Switch Series)
I've just found this command but it doesn't work for older switches, i.e. Catalyst 2960S-24TS-S so I've been resetting most older switches by;
Is there some kind of purge command for older switches or is deleting files from flash secure enough?
I would imagine taking it a step further by deleting all files from flash and reinstalling current or newest firmware might be even more secure? Any help is appreciated!!
Solved! Go to Solution.
01-05-2023 01:05 PM
For Cisco IOS (not IOS-XE), I would format the flash.
01-04-2023 07:58 PM - edited 01-04-2023 07:59 PM
Cisco an pick up and perform a secure-destruction for free. If I remembered correctly, they can even process non-Cisco branded (competitor's) products as well.
01-05-2023 04:22 AM
That's a good way to take care of switches that I no longer need so I appreciate the answer but I'm searching how to do it myself and if the way I'm currently doing it is secure
01-05-2023 01:05 PM
For Cisco IOS (not IOS-XE), I would format the flash.
11-09-2023 06:09 AM
That could be done with delete /recursive /force flash: and format flash: correct or do you have a better recommendation for formatting the flash? Would it delete the firmware?
11-09-2023 03:20 PM
Depends on the model of the switch.
Catalyst 4k stores the VLAN DB in a separate directory (cat4000_flash:). Formatting the flash does not clear away the VLAN DB. And do not forget about the information(s) in the crashinfo: directory.
Factory resetting a Catalyst 6k is more difficult.
For Cisco IOS (not IOS-XE), formatting the flash is my preferred method.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: