EasyManuals Logo

Cisco TrustSec User Manual

Cisco TrustSec
208 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #201 background imageLoading...
Page #201 background image
GL-1
Cisco TrustSec Configuration Guide
OL-22192-01
GLOSSARY
Revised: May 28, 2010, OL-22192-01
Numeric
802.1AE
IEEE 802.1AE defines a Layer 2 hop-by-hop encryption process used between Cisco TrustSec
hardware-capable devices. TrustSec uses SAP for the key management and cipher negotiation
mechanism.
A
Authenticator
A network device that is a member of a TrustSec network can authenticate a network device attempting
to join the TrustSec network, in the role of authenticator to supplicant device. NDAC is the process by
which the supplicant device is admitted into the TrustSec Network.
C
CTS
Cisco Trusted Security, or Cisco TrustSec, or TrustSec.
E
EAC
Endpoint Admission Control. A process of assigning SGT values to a specific IP address of the
endpoint. Depending on hardware and software support, an SGT can be assigned to a source IP address
with 802.1X authentication, MAC Authentication Bypass, Web Authentication Bypass, manual
assignment, or IPM.
EAP
Extensible Authentication Protocol. EAP-FAST is the EAP variant used in TrustSec networks for
NDAC authentication.
I
IPM
Identity-to-port mapping. A method for a switch to define the identity on a port to which an endpoint
is connected, and to use this identity to look up a particular SGT value in the Cisco Secure ACS server.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco TrustSec and is the answer not in the manual?

Cisco TrustSec Specifications

General IconGeneral
CategoryNetwork Security
FunctionalityProvides role-based access control, network segmentation, and policy enforcement.
Key ComponentsSecurity Group Tags (SGT), Security Exchange Protocol (SXP).
Authentication Methods802.1X, MAC Authentication Bypass (MAB), Web Authentication
Security Group Tagging (SGT)Assigns security group tags to users and devices for identity-based segmentation.
Security Exchange Protocol (SXP)A protocol used to propagate SGT information across network devices.
Policy EnforcementEnforces security policies based on SGTs and SGACLs.
BenefitsEnhanced security, simplified policy management, and improved compliance.
EncryptionSupports encryption for data in transit through IPsec and MACsec.
ScalabilityScalable to large enterprise networks with thousands of devices.
CompatibilityCompatible with a wide range of Cisco network devices.
DescriptionCisco TrustSec is a security architecture framework designed to build secure networks. It uses identity-based access control to segment the network and enforce policies based on user roles and device types, rather than relying solely on IP addresses.

Related product manuals