The Branch Gateway provides a mechanism for storage, backup, and restoration of sensitive materials (passwords and keys) maintained in the Branch Gateways.
All sensitive materials are encrypted using a Master Configuration Key (MCK), derived from a passphrase entered by an administrator. The secrets are then stored in the configuration file in an encrypted format. This enables copying configurations, including secrets, from one device to another. The only requirement is that the administrator must generate an identical MCK (by using the same passphrase) in the target device before executing the copy operation.
Note:
All Gateways have the same default MCK. For security reasons, it is recommended to configure a new MCK immediately upon Branch Gateway installation.
