Name: Cisco TrustSec
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

2-2

Cisco TrustSec Configuration Guide

OL-22192-01

Chapter 2 Configuring the Cisco TrustSec Solution

Configuration Overview

• Base configuration for the Wireless LAN Controller

• Phased Deployment Overview

• Monitor Mode

• Migrating from Monitor Mode

• Low Impact Mode

• Closed Mode

• ISE Profiling Services

• ISE Base Configurations: Promiscuous VMware

• Central Web Authentication

• User Authentication and Authorization to Multiple Active Directory Domains

• ISE Deployment Type and Guideline

• Using Certificates to Differentiate Access

• On-boarding and Provisioning

• Server to Server Segmentation using Security Group Access

• Deploying EAP Chaining with AnyConnect NAM and Cisco ISE

• Failed Authentications & Authorizations

Supported Hardware and Software

For a list of TrustSec supported hardware and software per TrustSec release, see,

Release Notes for Cisco TrustSec General Availability Releases at the following URL:

http://www.cisco.com/en/US/docs/switches/lan/trustsec/release/notes/rn_cts_crossplat.html

See also, the Release Notes, Configuration Guides, and Command References for your device.

Prerequisites for Cisco TrustSec

The following are the prerequisites for establishing a TrustSec network with Catalyst switches:

• TrustSec software on all network devices

• Connectivity between all network devices

• Network availability of the Cisco Secure ACS 5.1, or Cisco ISE operating with a TrustSec license

• Directory, DHCP, DNS, certificate authority, and NTP servers functioning in the network

Questions and Answers:

Need help?

Do you have a question about the Cisco TrustSec and is the answer not in the manual?

Cisco TrustSec Specifications

General

Category	Network Security
Functionality	Provides role-based access control, network segmentation, and policy enforcement.
Key Components	Security Group Tags (SGT), Security Exchange Protocol (SXP).
Authentication Methods	802.1X, MAC Authentication Bypass (MAB), Web Authentication
Security Group Tagging (SGT)	Assigns security group tags to users and devices for identity-based segmentation.
Security Exchange Protocol (SXP)	A protocol used to propagate SGT information across network devices.
Policy Enforcement	Enforces security policies based on SGTs and SGACLs.
Benefits	Enhanced security, simplified policy management, and improved compliance.
Encryption	Supports encryption for data in transit through IPsec and MACsec.
Scalability	Scalable to large enterprise networks with thousands of devices.
Compatibility	Compatible with a wide range of Cisco network devices.
Description	Cisco TrustSec is a security architecture framework designed to build secure networks. It uses identity-based access control to segment the network and enforce policies based on user roles and device types, rather than relying solely on IP addresses.