EasyManuals Logo

Cisco TrustSec User Manual

Cisco TrustSec
208 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #69 background imageLoading...
Page #69 background image
4-9
Cisco TrustSec Configuration Guide
OL-22192-01
Chapter 4 Configuring SGT Exchange Protocol over TCP (SXP) and Layer 3 Transport
Configuring Cisco TrustSec Caching
This example shows how to configure a Cisco TrustSec ingress reflector:
Router# configure terminal
Router(config)# platform cts ingress
Router(config)# exit
Router# show platform cts
CTS Ingress mode enabled
Note Before disabling the Cisco TrustSec ingress reflector, you must remove power from the Cisco
TrustSec-incapable switching modules.
To configure the Cisco TrustSec egress reflector function, perform this task.
Detailed Steps for Catalyst 6500
This example shows how to configure a Cisco TrustSec egress reflector:
Router# configure terminal
Router(config)# platform cts egress
Router(config)# exit
Router# show platform cts
CTS Egress mode enabled
Note Before disabling the Cisco TrustSec egress reflector, you must remove power from the Cisco
TrustSec-incapable switching modules.
Configuring Cisco TrustSec Caching
Enabling Cisco TrustSec Caching
For quick recovery from brief outages, you can enable caching of authentication, authorization, and
policy information for Cisco TrustSec connections. Caching allows Cisco TrustSec devices to use
unexpired security information to restore links after an outage without requiring a full reauthentication
Step 3
Router(config)# exit
Exits configuration mode.
Step 4
Router# show platform cts
Displays Cisco TrustSec reflector mode (Ingress,
Egress, Pure, or No CTS).
Command Purpose
Command Purpose
Step 1
Router# configure terminal
Enters configuration mode.
Step 2
Router(config)# [no] platform cts egress
Activates the Cisco TrustSec egress reflector.
Step 3
Router(config)# exit
Exits configuration mode.
Step 4
Router# show platform cts
Displays Cisco TrustSec reflector mode (Ingress,
Egress, Pure, or No CTS).

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco TrustSec and is the answer not in the manual?

Cisco TrustSec Specifications

General IconGeneral
CategoryNetwork Security
FunctionalityProvides role-based access control, network segmentation, and policy enforcement.
Key ComponentsSecurity Group Tags (SGT), Security Exchange Protocol (SXP).
Authentication Methods802.1X, MAC Authentication Bypass (MAB), Web Authentication
Security Group Tagging (SGT)Assigns security group tags to users and devices for identity-based segmentation.
Security Exchange Protocol (SXP)A protocol used to propagate SGT information across network devices.
Policy EnforcementEnforces security policies based on SGTs and SGACLs.
BenefitsEnhanced security, simplified policy management, and improved compliance.
EncryptionSupports encryption for data in transit through IPsec and MACsec.
ScalabilityScalable to large enterprise networks with thousands of devices.
CompatibilityCompatible with a wide range of Cisco network devices.
DescriptionCisco TrustSec is a security architecture framework designed to build secure networks. It uses identity-based access control to segment the network and enforce policies based on user roles and device types, rather than relying solely on IP addresses.

Related product manuals