Cisco APIC Getting Started Guide, Release 6.2(x)

Cisco Nexus 9000 switch secure erase

Updated: January 12, 2026

Overview

This topic explains the secure erase feature for Cisco Nexus 9000 switches, detailing how it removes user data from various storage devices during RMA, upgrades, replacements, or decommissioning, supported by Cisco APIC release 6.0(1) and later.

Cisco Nexus 9000 switches utilize persistent storage to maintain system software images, switch configuration, software logs, and operational history. Each of these areas can contain information specific to the user, including network architecture details, design data, and security vulnerabilities. The secure erase feature enables you to comprehensively remove information during situations such as returning a switch for return merchandise authorization (RMA), upgrading or replacing a switch, or decommissioning a system that has reached its end of life.

Cisco APIC release 6.0(1) and later support secure erase. All the leaf and spine switches in the fabric must use APIC release 6.0(1) or later.
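
An added example, not part of the Cisco guide: a pre-check that flags any leaf or spine whose release is below the 6.0(1) minimum stated above. The node names, the inventory dictionary, and the assumption that releases are recorded in the guide's `6.0(1)` form (optionally with patch letters) are illustrative.

```python
"""Pre-check for secure erase: every leaf and spine must run release 6.0(1) or later."""
import re

MIN_RELEASE = (6, 0, 1)  # minimum release stated in the guide

# Release strings in the form the guide writes them, e.g. "6.0(1)" or "6.2(1g)".
# Trailing patch letters (an assumption about the inventory data) are ignored,
# because the requirement is expressed only down to the maintenance number.
_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)[a-z]*\)$")


def parse_release(text):
    """Return (major, minor, maintenance) as integers, or None if unparseable."""
    match = _RELEASE_RE.match(text.strip())
    if match is None:
        return None
    return tuple(int(part) for part in match.groups())


def blocking_nodes(inventory):
    """Return (node, release, reason) for each node that fails the release gate.

    Unparseable releases are treated as blocking (fail closed), so a node with
    unknown software is never assumed to support secure erase.
    """
    blocked = []
    for node, release in sorted(inventory.items()):
        parsed = parse_release(release)
        if parsed is None:
            blocked.append((node, release, "unrecognized release string"))
        elif parsed < MIN_RELEASE:
            blocked.append((node, release, "below 6.0(1)"))
    return blocked


# Constructed inventory: node names and releases are sample values.
SAMPLE_INVENTORY = {
    "leaf101": "6.2(1g)",
    "leaf102": "5.2(7f)",
    "spine201": "6.0(1)",
    "spine202": "10.0(1)",  # hypothetical release; shows why comparison must be numeric
    "leaf103": "unknown",
}

if __name__ == "__main__":
    for node, release, reason in blocking_nodes(SAMPLE_INVENTORY):
        print(f"{node}: {release} ({reason})")
```

Comparing parsed integer tuples rather than raw strings matters here: a plain string comparison would rank `10.0(1)` below `6.0(1)`.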

This feature erases user data from the following storage devices:

  • SSD

  • EMMC

  • MTD

  • CMOS

  • NVRAM

Note

Not every switch model has all these storage devices.


Securely Erase user data from a Cisco Nexus 9000 switch using the GUI

Use this task to decommission a switch and ensure no user data or configuration remains.

Before you begin

Use this procedure to securely erase user data from a Cisco Nexus 9000 switch using the GUI.

Procedure

1. On the menu bar, choose Fabric > Inventory.

2. In the Navigation pane, choose Fabric Membership.

3. In the Work pane, right-click the switch (node) that you want to securely erase and choose Decommission.

4. In the Decommission dialog, choose Decommission & Secure Remove.

5. Click OK.

The decommission process takes from 2 to 8 hours, depending on the switch and SSD type. The process securely erases the switch and removes the switch configuration from the Cisco Application Policy Infrastructure Controller (APIC). However, the secure erase process does not remove the NX-OS image from the bootflash. The switch cannot join the fabric until you manually re-register the switch.

The switch reboots after the secure erase operation completes. To connect to the switch, you must use the terminal console because the IP address is not reachable.


Securely Erase user data from a module of a Cisco Nexus 9000 modular switch line card using the GUI

Before you begin

Use this procedure to securely erase user data from a module of a Cisco Nexus 9000 modular switch line card using the GUI.

Procedure

1. On the menu bar, choose Fabric > Inventory.

2. In the Navigation pane, choose pod_id > node_id > Chassis > Line Modules > slot_id.

3. Right-click the slot ID and choose Disable.

4. In the Disable dialog, click Secure Erase.

The process securely erases the data from the module of the switch and removes its configuration from the Cisco Application Policy Infrastructure Controller (APIC). The decommission process takes from 30 minutes to 2 hours, depending on the switch and SSD type, and leaves the module powered on. The NX-OS image from the bootflash remains unaffected.

What to do next

To connect to the switch, you must use the terminal console because the IP address is not reachable.


Securely Erase user data from a Cisco Nexus 9000 switch using the switch's CLI

Before you begin

Before you perform the secure erase operation using the CLI, decommission the switch or physically disconnect the switch from the fabric. If you do not decommission the switch or physically disconnect the switch from the fabric, the Cisco APIC pushes configuration back to the switch after the process.

Use this procedure to securely erase user data from a Cisco Nexus 9000 switch using the switch's CLI. You cannot use the Cisco Application Policy Infrastructure Controller (APIC)'s CLI for this procedure.

Procedure

1. Log in to the switch’s CLI.

2. Enter the virtual shell on your switch.

   leaf1# vsh

3. Disable the session timeout on your terminal.

   leaf1# terminal session-timeout 0

   If you do not disable the timeout, the VSH session can time out and exit before the secure erase completes and reports its status.

4. Reset the switch to the factory settings to securely erase your data from the switch.

   leaf1# factory-reset [preserve-image] [module module_number]

  • preserve-image: Specify this flag to retain the NX-OS image in the bootflash of the switch. If you do not specify this flag, the NX-OS image will also be erased and the switch will boot to the loader prompt.

  • module module_number: For modular switch line cards and fabric modules, you must specify the number of the module on which to perform the secure erase.

Depending on the switch and SSD type, the decommission process for nonmodular switches takes from 2 to 8 hours. The process securely erases the switch and removes the switch configuration from the Cisco Application Policy Infrastructure Controller (APIC). The secure erase process does not remove the NX-OS image from the bootflash. The switch cannot join the fabric until you manually register it again.

The switch reboots after the secure erase operation completes. To connect to the switch, you must use the terminal console because the IP address is not reachable.

For modular switch line cards or fabric modules, the decommission process takes from 30 minutes to 2 hours, depending on the switch and SSD type. The process securely erases the data from the module of the switch and removes the module's configuration from the Cisco APIC. The process does not remove the NX-OS image from the bootflash.

After the secure erase operation completes, the module will be in the powered-down state. To connect to the switch, you must use the terminal console because the IP address is not reachable.