Statement of Volatility for Cisco UCS Hardware
Available Languages
Table of Contents
Statement of Volatility for Cisco UCS Hardware
Cisco UCS C-Series Rack Servers
Clearing the Storage Controller TFM Cache
Restoring the BIOS to Factory Default Settings
Restoring the CIMC to Factory Default Settings
Cisco UCS B-Series Blade Servers
Restoring the BIOS to the Factory Default Settings
Restoring the LSI SAS Controller to the Factory Default Settings
Restoring the CIMC to the Factory Default Settings
Resetting the CMOS From UCS Manager
Cisco UCS 6200 Series Fabric Interconnects
Restoring the mSATA Flash to factory Default Settings
Restoring the NVRAM to Factory Default Settings
Restoring the CMOS to Factory Default Settings
Restoring On-Board Failure Logging to the Factory Default Settings
Cisco UCS 6300 Series Fabric Interconnects and Cisco UCS Mini
Restoring the mSATA Flash to Factory Default Settings
Restoring the NVRAM to Factory Default Settings
Restoring the CMOS to Factory Default Settings
Restoring the On-Board Failure Logging to the Factory Default Settings
Cisco UCS 6400 Series Fabric Interconnects
Restoring the mSATA Flash to Factory Default Settings
Restoring the NVRAM to Factory Default Settings
Restoring the CMOS to Factory Default Settings
Restoring the On-Board Failure Logging to the Factory Default Settings
Erasing the Cisco UCS Manager Database
Cisco UCS 2200 Series Fabric Extenders
Cisco UCS 5108 Blade Server Chassis
Volatility Statement
This document is limited to engineering information only and NOT a certification. This information is based on the currently available data, and the information is provided “For Informational Purposes Only” and without warranty of any kind. Components used in manufacturing can and do change based on industry availability, and such changes cannot always be maintained in documentation and user manuals. Therefore, this letter is intended to provide guidance for clearing sensitive data from the server. Please refer to your in-house Data Security policies.
This document is a statement of volatility (SOV) for Cisco UCS hardware. This SOV includes information for the following platforms:
- Cisco UCS C-Series Rack Servers
- Cisco UCS B-Series Blade Servers
- Cisco UCS 6200 Series Fabric Interconnects
- Cisco UCS 6300 Series Fabric Interconnects and Cisco UCS Mini
- Cisco UCS 6400 Series Fabric Interconnects
- Erasing the Cisco UCS Manager Database
- Cisco UCS 2200 Series Fabric Extenders
- Cisco UCS 5108 Blade Server Chassis
Cisco UCS C-Series Rack Servers
The Cisco UCS C-Series rack-mount servers have multiple serial, electrically erasable, and programmable nonvolatile memory components (EEPROM and flash memory) that are used to store manufacturing hardware identification and hardware configuration information. The majority of serial EEPROMs and flash memories are not written by users and contain no customer information.
Procedures for clearing the few flash devices that can retain customer data are included in this section:
- Clearing the Storage Controller TFM Cache
- Restoring the BIOS to Factory Default Settings
- Restoring the CIMC to Factory Default Settings
- Clearing the CIMC Logs
This section applies to the following servers:
- Cisco UCS C4200/C125 M5
- Cisco UCS C480 M5
- Cisco UCS C220 M5 and Cisco UCS C240 M5
- Cisco UCS C220 M4 and C240 M4
- Cisco UCS C460 M4
- Cisco UCS C3160
- Cisco UCS C22 M3 and C24 M3
- Cisco UCS C220 M3 and C240 M3
- Cisco UCS C420 M3
- Cisco UCS C260 M2
- Cisco UCS C460 M2
- Cisco UCS C250 M2
- Cisco UCS C200 M2 and C210 M2
Note
There are several secure erase methods that exist to wipe the date in front drives. Cisco does not have any specific recommendation. Please work with your security department to follow your established process to secure-erase the data in those drives. Cisco’s User Guide for UCS Secure Data Deletion For Commission Regulation (EU)2019/424 can be found here: https://www.cisco.com/web/dofc/18794277.pdf
Clearing the Storage Controller TFM Cache
The Cisco UCS C-Series servers might be configured with an LSI storage controller card that has a TFM module for battery-backed cache via a SuperCap power module (SCPM) or battery backup unit (BBU). The TFM module might cache partial user data to prevent data loss. If the server has this configuration, use the following procedure to clear the TFM cache.
Step 1 If not already installed, download and install the LSI StorCLI utility on the server’s operating system (Linux/Windows/VMWare).
The LSI StorCLI utility and its documentation are available for download from LSI.com.
Step 2 Open a new command/terminal window and change to the directory where StorCLI is installed.
Step 3 Run the following commands in the order shown, where x is the number of the controller:
Note Storcli has a help function. For additional information about the listed commands, issue the
./storcli64 help command.
Clearing the CIMC and BIOS
You can restore the BIOS and CIMC to factory default settings and clear the CIMC logs.
Note The WebUI has a navigation pane that expands and collapses. The navigation pane contains tabs that group server functions, for example, Networking for interface and server networking features.
Depending on how the Web UI is configured, the navigation pane might be collapsed and its tabs hidden. You can expand and collapse the navigation pane by clicking the Toggle Navigation button located at the top left corner of the Web UI banner. For ease of use, you might find it helpful to pin the expanded navigation pane so that it remains expanded.
The following procedures are only a subset of tasks for the Cisco UCS C-Series Integrated Management Controller. The full set of features available through the CIMC WebUI and CIMC CLI are documented in the Cisco UCS C-Series Integrated Management Controller GUI Configuration Guide and Cisco UCS C-Series Integrated Management Controller GUI Configuration Guide. Go to:
https://www.cisco.com/c/en/us/support/servers-unified-computing/ucs-c-series-integrated-management-controller/products-installation-and-configuration-guides-list.html
Restoring the BIOS to Factory Default Settings
Use the following procedure to restore default settings to the BIOS:
Step 1 Use the IP address of the server and log into the CIMC GUI interface.
Step 2 In the navigation pane, click Compute.
Step 4 Click the appropriate option:
- Clear BIOS CMOS. This option restores the factory defaults and clears the CMOS memory.
- Restore Manufacturing Custom Settings. For this option, the server must first be physically powered off.
- Restore Defaults.
Step 5 When prompted with a warning popup, confirm that you want to reset the BIOS to factory settings.
Restoring the CIMC to Factory Default Settings
Use the following procedure to restore default settings to the CIMC:
Step 1 Use the IP address of the server and log into the CIMC GUI interface.
Step 2 In the navigation pane, click Admin>Utilities.
This step takes you to the Chassis Summary/Admin/Utilities Page.
Step 3 Click Reset to Factory Defaults.
Because this operation removes user-configured data and restores defaults, a warning popup is displayed.
Step 6 Read the warning popup and confirm the reset to defaults by clicking Yes.
Clearing the CIMC Logs
Use the following procedure to clear the CIMC logs:
Step 1 Use the IP address of the server and log into the CIMC GUI interface.
Step 2 In the navigation pane, click Chassis>Faults and Logs.
This step takes you to the Chassis/ Faults and Logs/Cisco IMC Log page.
Step 3 Click the CIMC Log tab.
Step 4 Click the Clear Log button.
Step 5 When prompted with a warning popup, confirm that you want to clear the CIMC Logs.
Cisco UCS B-Series Blade Servers
The Cisco UCS B-Series blade servers have multiple serial, electrically erasable, and programmable nonvolatile memory components (EEPROM and Flash memory) that are used to store manufacturing hardware identification and hardware configuration information. The majority of serial EEPROMs and flash memories are not written by users and contain no customer information. The following procedures for clearing the few flash devices that can retain customer data are included in this section:
- Restoring the BIOS to the Factory Default Settings
- Restoring the LSI SAS Controller to the Factory Default Settings
- Restoring the CIMC to the Factory Default Settings
- Resetting the CMOS From UCS Manager
This section applies to the following servers:
- Cisco UCS B480 M5
- Cisco UCS B200 M5
- Cisco UCS B200 M4
- Cisco UCS B260 M4 and B460 M4
- Cisco UCS B200 M3
- Cisco UCS B420 M3
- Cisco UCS B22 M3
- Cisco UCS B200 M2
- Cisco UCS B230 M2
- Cisco UCS B250 M2
- Cisco UCS B440 M2
Note There are several secure erase methods that exist to wipe the date in front drives. Cisco does not have any specific recommendation. Please work with your security department to follow your established process to secure-erase the data in those drives. Cisco’s User Guide for UCS Secure Data Deletion For Commission Regulation (EU)2019/424 can be found here: https://www.cisco.com/web/dofc/18794277.pdf
Restoring the BIOS to the Factory Default Settings
Use the following procedure to restore the BIOS to the factory default settings through the UCS Manager remote KVM or a local KVM I/O cable that is connected directly to the blade server.
Step 1 Press F2 to access the BIOS setup utility.
Step 2 Click the Save and Exit tab.
Step 3 On the Save and Exit tab, click Load Default Values.
Step 5 Click Save and Exit or press F10.
Step 6 Click Yes to reboot the blade server.
Restoring the LSI SAS Controller to the Factory Default Settings
Use the following procedure to restore the LSI SAS controller to the factory default settings through the UCS Manager remote KVM or a local KVM I/O cable that is connected directly to the blade server.
Step 1 Press Ctrl-H to log in to the web GUI.
Step 3 Click the Controller Properties tab.
Step 5 Click Set Factory Defaults.
Step 8 Press Ctrl-Alt-Delete to reboot the blade server.
Restoring the CIMC to the Factory Default Settings
Use the following procedure to restore the Cisco Integrated Management Controller (CIMC) to the factory default settings.
Step 1 Shut down the blade server to power it down.
Step 2 Remove the blade server from the chassis for 30 seconds or longer to turn off the standby power.
Step 3 Insert the blade server back into the chassis to power it on, which will automatically reboot the CIMC and restore it to its factory default settings.
Resetting the CMOS From UCS Manager
Step 1 In the UCS Manager navigation window, click the Equipment tab.
Step 2 On the Equipment tab, choose Equipment > Chassis > Chassis Number > Servers.
Step 3 Choose the server on which you want to reset the CMOS.
Step 4 In the Work pane, click the General tab.
Step 5 In the Actions area, click Recover Server.
Step 6 In the Recover Server dialog box, click Reset CMOS and then click OK.
Cisco UCS 6200 Series Fabric Interconnects
The Cisco UCS 6248 and 6296 Fabric Interconnects have multiple serial, electrically erasable, and programmable nonvolatile memory components (EEPROM and Flash memory) that are used to store manufacturing hardware identification and hardware configuration information. The majority of serial EEPROMs and flash memories are not written by users and contain no customer information. The following procedures for clearing the few flash devices that can retain customer data are included in this section:
- Restoring the mSATA Flash to factory Default Settings
- Restoring the NVRAM to Factory Default Settings
- Restoring the CMOS to Factory Default Settings
- Restoring On-Board Failure Logging to the Factory Default Settings
Restoring the mSATA Flash to factory Default Settings
This procedure restores the mSATA Flash to factory default setting.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Unplug and re-plug the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press one of the following key combinations as it boots to get the loader prompt.
You may need to press the selected key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/switch/kernel_firmware_version
loader > boot bootflash:installablesinstallables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin
Step 5 Enter the init system command:
Restoring the NVRAM to Factory Default Settings
This procedure restores the NVRAM to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press one of the following key combinations as it boots to get the loader prompt.
You may need to press the selected key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/kernel_firmware_version
loader > boot bootflash:installables/installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin
Restoring the CMOS to Factory Default Settings
This procedure restores the CMOS to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart. <version>
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart.5.0.3.N2.3.02bS1.bin
Step 5 Enter the resetcmos system command.
Switch(boot)# resetcmos system
Restoring On-Board Failure Logging to the Factory Default Settings
This procedure restores OBFL to factory default setting.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press one of the following key combinations as it boots to get the loader prompt.
You may need to press the selected key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/kernel_firmware_version
loader > boot bootflash:installables/installables/switch/ucs-6100-k9-kickstart.4.1.3.N2.1.0.11.gbin
Step 5 Enter the init system command.
Cisco UCS 6300 Series Fabric Interconnects and Cisco UCS Mini
The Cisco UCS 6300 Series Fabric Interconnects and Cisco UCS Mini have multiple serial, electrically erasable, and programmable nonvolatile memory components (EEPROM and Flash memory) that are used to store manufacturing hardware identification and hardware configuration information. The majority of serial EEPROMs and flash memories are not written by users and contain no customer information. The following procedures for clearing the few flash devices that can retain customer data are included in this section:
- Restoring the mSATA Flash to Factory Default Settings
- Restoring the NVRAM to Factory Default Settings
- Restoring the CMOS to Factory Default Settings
- Restoring the On-Board Failure Logging to the Factory Default Settings
Restoring the mSATA Flash to Factory Default Settings
This procedure restores the mSATA Flash to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/ucs-6300-k9-kickstart. <version>
loader > boot bootflash:installables/installables/switch/ucs-6300-k9-kickstart.5.0.3.N2.3.02bS1.bin
Step 5 Enter the init system command.
Restoring the NVRAM to Factory Default Settings
This procedure restores the NVRAM to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart. <version>
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart.5.0.3.N2.3.02bS1.bin
Step 5 Enter the init system command.
Restoring the CMOS to Factory Default Settings
This procedure restores the CMOS to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart. <version>
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart.5.0.3.N2.3.02bS1.bin
Restoring the On-Board Failure Logging to the Factory Default Settings
This procedure restores OBFL to factory default setting.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:installables/installables/switch/ucs-mini-k9-kickstart. <version>
loader > boot /installables/switch/ucs-mini-k9-kickstart.5.0.3.N2.3.02bS1.bin
Cisco UCS 6400 Series Fabric Interconnects
The Cisco UCS 6400 Series Fabric Interconnects have multiple serial, electrically erasable, and programmable nonvolatile memory components (EEPROM and Flash memory) that are used to store manufacturing hardware identification and hardware configuration information. The majority of serial EEPROMs and flash memories are not written by users and contain no customer information. The following procedures for clearing the few flash devices that can retain customer data are included in this section:
- Restoring the mSATA Flash to Factory Default Settings
- Restoring the NVRAM to Factory Default Settings
- Restoring the CMOS to Factory Default Settings
- Restoring the On-Board Failure Logging to the Factory Default Settings
Restoring the mSATA Flash to Factory Default Settings
This procedure restores the mSATA Flash to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect: Un-plug and replug the power cord. Alternatively, you can connect to the local-mgmt console in Cisco UCS Manager and enter the ‘reboot’ command.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Enter “cmdline force_init_systemrecoverymode=1”.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
Step 5 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
loader > boot bootflash:installables/switch/ucs-6400-k9-system.7.0.3.N2.4.04c.bin
Restoring the NVRAM to Factory Default Settings
This procedure restores the NVRAM to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Enter “cmdline force_init_systemrecoverymode=1”.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
Step 5 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
loader > boot bootflash:installables/switch/ucs-6400-k9-system.7.0.3.N2.4.04c.bin
Restoring the CMOS to Factory Default Settings
This procedure restores the CMOS to factory default settings.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Enter “cmdline force_init_systemrecoverymode=1”.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
Step 5 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
loader > boot bootflash:installables/switch/ucs-6400-k9-system.7.0.3.N2.4.04c.bin
Restoring the On-Board Failure Logging to the Factory Default Settings
This procedure restores OBFL to factory default setting.
- Physically connect the console port on the fabric interconnect to a computer terminal or console server.
- Determine the running versions of the following firmware:
– The firmware kernel version on the fabric interconnect
Step 1 Connect to the console port.
Step 2 Power cycle the fabric interconnect:
a. Turn off the power to the fabric interconnect.
b. Turn on the power to the fabric interconnect.
Step 3 In the console, press the following key combination as it boots to get the loader prompt.
You may need to press the key combination multiple times before your screen displays the loader prompt.
Step 4 Enter “cmdline force_init_systemrecoverymode=1”.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
Step 5 Boot the kernel firmware version on the fabric interconnect.
loader > boot bootflash:cmdline_force_init_system_recoverymode=1
loader > boot bootflash:installables/switch/ucs-6400-k9-system.7.0.3.N2.4.04c.bin
Erasing the Cisco UCS Manager Database
This procedure erases the Cisco UCS Manager database without a complete SSD re-initialization.
Cisco UCS 2200 Series Fabric Extenders
In terms of serial, electrically erasable, and programmable nonvolatile memory components (EEPROM and Flash memory), the Cisco UCS 2204 and 2208 Fabric Extenders contain one failure/error log, and no stored user data. This error log, the OBFL (On Board Failure Log), is only accessible with the assistance of Cisco service technicians. Contact Cisco’s TAC service personnel to initiate clearing the OBFL of the Fabric Extenders.
Cisco UCS 5108 Blade Server Chassis
The Cisco UCS 5108 Blade Server Chassis has serial, electrically erasable, and programmable read-only memory (SEEPROM) components that are used to store manufacturing hardware identification and hardware configuration information. The majority of SEEPROM devices are not written by users and contain no customer information. The following procedure for clearing the chassis SEEPROM devices that can retain customer-written data is included in this section:
Feedback