Cisco TrustSec Configuration Guide
OL-22192-01
Chapter 7 Cisco TrustSec Command Summary
cts cache
To enable caching of TrustSec authorization and environment data information to DRAM and NVRAM,
use the cts cache global configuration command. Use the no form of the command to disable caching.
[no] cts cache {enable | nv-storage {bootflash: [dir] | disk0: [dir] | disk1: [dir] | sup-bootflash: [image]}}
Syntax Description
enable                  Enables CTS cache support.
nv-storage              Causes DRAM cache updates to be written to non-volatile storage and
                        enables the DRAM cache to be initially populated from nv-storage when
                        the network device boots.
bootflash: dir          Specifies bootflash dir as the nv-storage location.
disk0: dir              Specifies disk 0 directory as the nv-storage location.
disk1: dir              Specifies disk 1 directory as the nv-storage location.
sup-bootflash: image    Specifies a supervisor bootflash directory as the nv-storage location.
Defaults The default is caching disabled.
Command Modes Global configuration (config)
Supported User Roles Administrator
Command History
Release         Modification
12.2(33) SXI    This command was introduced on the Catalyst 6500 series switches.
12.2(50) SY     PMK caching support was added for the Catalyst 6500 series switches.
Usage Guidelines The cts cache command enables caching of authentication, authorization, and
environment-data information to DRAM. Caching is for the maintenance and reuse of information
obtained through authentication and authorization. The keystore provides secure storage of a
device's own credentials (passwords, certificates, PACs), either in software or on a specialized
hardware component. In the absence of a dedicated hardware keystore, a software emulation keystore
is created using DRAM and NVRAM.
Cisco TrustSec creates a secure cloud of devices in a network by requiring that each device
authenticate and authorize its neighbors with a trusted AAA server (Cisco Secure ACS 5.1 or more
recent) before being granted access to the TrustSec network. Once authentication and authorization
are complete, the information can remain valid for some time. If caching is enabled, that
information can be reused, allowing the network device to bring up links without having to connect
with the ACS, thus expediting the
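The following Python sketch is an added example, not part of the Cisco guide: it reads a device configuration, matches lines against the cts cache syntax given on this page, and reports the effective cache state for a configuration review. The sample configuration, its hostname and its directory name are constructed, and the function name audit_cts_cache is hypothetical.

```python
import re

# Grammar taken from the command syntax on this page:
# [no] cts cache {enable | nv-storage {bootflash:|disk0:|disk1:|sup-bootflash:}[dir|image]}
CTS_CACHE = re.compile(
    r"^(?P<no>no\s+)?cts\s+cache\s+"
    r"(?:(?P<enable>enable)"
    r"|nv-storage\s+(?P<fs>bootflash:|disk0:|disk1:|sup-bootflash:)\s*(?P<path>\S*))\s*$"
)

# Constructed sample input; the hostname and directory name are made up.
SAMPLE_CONFIG = """\
hostname sw1
cts cache enable
cts cache nv-storage disk0:ctscache
"""

def audit_cts_cache(config_text):
    """Return the effective cts cache state for one device configuration."""
    state = {"dram_cache": False, "nv_storage": None, "findings": []}  # default: disabled
    for raw in config_text.splitlines():
        line = raw.strip()
        if not re.match(r"(no\s+)?cts\s+cache\b", line):
            continue
        m = CTS_CACHE.match(line)
        if m is None:
            state["findings"].append(f"unrecognized cts cache syntax: {line!r}")
        elif m.group("enable"):
            state["dram_cache"] = not m.group("no")
        else:  # nv-storage form; the "no" form clears the location
            state["nv_storage"] = None if m.group("no") else m.group("fs") + m.group("path")
    if state["dram_cache"]:
        state["findings"].append(
            "cache enabled: links can come up from cached authorization "
            "data without contacting the ACS")
    if state["nv_storage"]:
        state["findings"].append(
            f"cache persisted to {state['nv_storage']}: cached data is "
            "written to non-volatile storage and reloaded at boot")
    return state

if __name__ == "__main__":
    result = audit_cts_cache(SAMPLE_CONFIG)
    print(result["dram_cache"], result["nv_storage"])
    for finding in result["findings"]:
        print("-", finding)
```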