Name: Cisco TrustSec
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

7-97

Cisco TrustSec Configuration Guide

OL-22192-01

Chapter 7 Cisco TrustSec Command Summary

show cts sxp

To display SXP connection or SourceIP-to-SGT mapping information, use the show cts sxp command

in EXEC or privileged EXEC mode.

show cts sxp {connections | sgt-map} [brief | vrf instance_name]

Syntax Description

Defaults None

Command Modes EXEC (>); Privileged EXEC (#)

Supported User Roles Administrator

Command History

Usage Guidelines Use the cts sxp connections command to view the status of the network device SXP configuration. Use

the cts sxp sgt-map command to display the current SourceIP-to-SGT mapping database.

Examples The following example displays the default SXP configuration on a Catalyst 6500 series switch:

Router# show cts sxp connections

SXP : Disabled

Default Password : Not Set

Default Source IP: Not Set

Connection retry open period: 120 secs

Reconcile period: 120 secs

Retry open timer is not running

There are no SXP Connections.

connections Displays CTS SXP connections information.

sgt-map Displays the IP-SGT mappings received through SXP.

brief (Optional) Displays an abbreviation of the SXP information.

vrf instance_name (Optional) Displays the SXP information for the specified VRF instance

name.

Release Modification

12.2(33) SXI This command was introduced on the Catalyst 6500 series switches.

12.2 (50) SG7 This command was introduced on the Catalyst 4000 series switches

12.2 (53) SE2 This command was introduced on the Catalyst 3750(E) and 3560(E) series

switches.

12.2 (53) SE2 This command was introduced on the Catalyst 3750(X) series switches.

Questions and Answers:

Need help?

Do you have a question about the Cisco TrustSec and is the answer not in the manual?

Cisco TrustSec Specifications

General

Category	Network Security
Functionality	Provides role-based access control, network segmentation, and policy enforcement.
Key Components	Security Group Tags (SGT), Security Exchange Protocol (SXP).
Authentication Methods	802.1X, MAC Authentication Bypass (MAB), Web Authentication
Security Group Tagging (SGT)	Assigns security group tags to users and devices for identity-based segmentation.
Security Exchange Protocol (SXP)	A protocol used to propagate SGT information across network devices.
Policy Enforcement	Enforces security policies based on SGTs and SGACLs.
Benefits	Enhanced security, simplified policy management, and improved compliance.
Encryption	Supports encryption for data in transit through IPsec and MACsec.
Scalability	Scalable to large enterprise networks with thousands of devices.
Compatibility	Compatible with a wide range of Cisco network devices.
Description	Cisco TrustSec is a security architecture framework designed to build secure networks. It uses identity-based access control to segment the network and enforce policies based on user roles and device types, rather than relying solely on IP addresses.