Secure Boot on a SX350X or SX550X Switch

Available Languages

Download Options

PDF (137.7 KB)
View with Adobe Reader on a variety of devices
ePub (405.4 KB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (267.2 KB)
View on Kindle device or Kindle app on multiple devices

Updated:October 7, 2019

Document ID:1570471882825110

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Objective

The purpose of this article is to explain the process of Secure Boot, a method to boot up with only trusted software. This feature is enabled starting with firmware version 2.4.0.91.

If you are unfamiliar with the terms used below, check out Cisco Business: Glossary of New Terms.

Applicable Devices

SX350X
SX550X

Software Version

2.4.0.91

Introduction

Secure Boot is a way of loading and running a secure image using a chain-of-trust to avoid loading untrusted software. A chain-of- trust is established by assigning images with private keys and using hardware and software mechanisms to verify the loaded image. This allows users to be sure that when they load device firmware, no other person has added a security violating code.

When a user tries to load a new image, the new image is downloaded to a temporary file, which is validated. In case of error, the temporary file is deleted. This way, if the new image is not valid, the installation process will fail and show a warning message.

If your Switches are in a Stacked Topology

When you load 2.4.0.91, or the latest version available, onto the active (primary) switch, it will load the firmware on all the members of the stack. This is regardless of the model within the family, as it is a requirement that all the devices run the same firmware. The stack will function normally.

Secure Boot Process

During bootup, the system will print Secure Boot information on the terminal. Here are the steps the devices check through before the Secure Boot.

Boot Read Only Memory (BootROM) validates booton
Booton validates Universal Boot (Uboot)
Uboot validates the ROS image

If the Secure Boot detects failure, it will prevent the device from booting up. If this occurs, contact your Cisco Partner or Technical Assistance Center (TAC) to determine the next steps to follow in this situation. If you need to find a Cisco Partner, click here.

Secure Boot Syslog

During bootup, the system will print Secure Boot information:

Secure Boot enabled/disabled – in devices with no System-on-Chip (SoC) electrical programmable fuse (eFuse), such as Minimal SYStem (MSYS) Central Processing Unit (CPU), or when eFuse secure bit is not set, the printout will be “Secure Boot disabled”. If Secure Boot is enabled, the printout will be “Secure Boot enabled”.
After BootROM validates the booton, it prints the validation status (passed/failed).
After booton validates the Uboot, it prints the validation status (passed/failed).
After Uboot validates the ros image, it prints the validation status (passed/failed).

Note: In case of failure, the boot process will stop.

Secure Boot output example firmware version 2.4.0.91:

Secure Boot output example firmware version 2.5.0.83:

$C:\Users\sparia\AppData\Local\Microsoft\Windows\INetCache\Content.Word\Secure boot on SX550X-24 with latest firmware 2.5.0.83.JPG$

Conclusion

You are now familiar with Secure Boot and how it can help protect your network.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)