Name: Cisco TrustSec
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Contents

Cisco TrustSec Configuration Guide

OL-22192-01

Manually Configuring SGACL Policies 5-4

Manually Configuring and Applying IPv4 SGACL Policies 5-4

Configuration Examples for Manually Configuring SGACL Policies 5-5

Displaying SGACL Policies 5-6

Refreshing the Downloaded SGACL Policies 5-7

Configuring Endpoint Admission Control 6-1

Information About Endpoint Admission Control 6-1

Basic EAC Configuration Sequence 6-2

802.1X Authentication Configuration 6-2

Verifying the 802.1X Configuration 6-2

MAC Authentication Bypass Configuration 6-3

Verifying the MAB Configuration 6-3

Web Authentication Proxy Configuration 6-4

Verifying Web Authentication Proxy Configuration 6-4

Flexible Authentication Sequence and Failover Configuration 6-5

802.1X Host Modes 6-5

Pre-Authentication Open Access 6-5

DHCP Snooping and SGT Assignment 6-6

Verifying the SGT to Endpoint Host Binding 6-6

Cisco TrustSec Endpoint Access Control Feature Histories 6-7

Cisco TrustSec Command Summary 7-1

Notes for Catalyst 3000 and 2000 Series Switches and WLC 5700 Series Wireless LAN

Controllers A-1

Supported Hardware and Software A-1

Configuration Guidelines and Restrictions A-1

Global Cat3K Restrictions A-1

Catalyst 3850 and Catalyst 3650 Switches, and WLC 5700 Wireless LAN Controllers A-2

Catalyst 3750-X and Catalyst 3560-X switches A-2

Notes for Catalyst 4500 Series Switches B-1

Supported Hardware and Software B-1

TrustSec SGT and SGACL Configuration Guidelines and Limitations B-1

Questions and Answers:

Need help?

Do you have a question about the Cisco TrustSec and is the answer not in the manual?

Cisco TrustSec Specifications

General

Category	Network Security
Functionality	Provides role-based access control, network segmentation, and policy enforcement.
Key Components	Security Group Tags (SGT), Security Exchange Protocol (SXP).
Authentication Methods	802.1X, MAC Authentication Bypass (MAB), Web Authentication
Security Group Tagging (SGT)	Assigns security group tags to users and devices for identity-based segmentation.
Security Exchange Protocol (SXP)	A protocol used to propagate SGT information across network devices.
Policy Enforcement	Enforces security policies based on SGTs and SGACLs.
Benefits	Enhanced security, simplified policy management, and improved compliance.
Encryption	Supports encryption for data in transit through IPsec and MACsec.
Scalability	Scalable to large enterprise networks with thousands of devices.
Compatibility	Compatible with a wide range of Cisco network devices.
Description	Cisco TrustSec is a security architecture framework designed to build secure networks. It uses identity-based access control to segment the network and enforce policies based on user roles and device types, rather than relying solely on IP addresses.