Configuring Cisco TrustSec
Cisco TrustSec is an umbrella term for security improvements to Cisco network devices based on the capability to strongly identify users, hosts, and network devices within a network. TrustSec provides topology-independent and scalable access controls by uniquely classifying data traffic for a particular role. TrustSec ensures data confidentiality and integrity by establishing trust among authenticated peers and encrypting links with those peers.
To configure Cisco TrustSec on the Cisco Catalyst 6500 Series switches, see the publication "Cisco TrustSec Switch Configuration Guide" at the following URL:
http://www.cisco.com/en/US/docs/switches/lan/trustsec/configuration/guide/trustsec.html
Release Notes for Cisco TrustSec 1.0 General Availability 2010 Release are at the following URL:
http://www.cisco.com/en/US/docs/switches/lan/trustsec/release/notes/cts1_0.html
Additional information on the Cisco TrustSec Solution, including overviews, datasheets, and case studies, is available at:
http://www.cisco.com/en/US/netsol/ns1051/index.html
Table 1 lists the TrustSec features that will eventually be implemented on TrustSec-enabled network devices. Successive general availability releases of TrustSec will expand the number of network devices supported and the number of TrustSec features supported per device. See the section "Hardware Supported" for information on which TrustSec features are implemented.
Hardware Supported
Table 2 lists the TrustSec features supported by platform on the release date of Cisco IOS 12.2(33) SXI4.
| Platform | Software release | TrustSec features |
|---|---|---|
| Catalyst 3560 Series | Cisco IOS 12.2 (53) SE | EAC; SXP |
| Catalyst 3750 Series | Cisco IOS 12.2 (53) SE | EAC; SXP |
| Catalyst 4500 Series | Cisco IOS 12.2 (50) SG5 | EAC; SXP |
| Catalyst 6500 Series | Cisco IOS 12.2(33) SXI3 ¹ | EAC; SXP; NDAC (no SAP) |
| Nexus 7000 Series | Cisco NX-OS 4.2.1 | EAC; SXP; NDAC; SGACL; MACSec |

¹ Cisco TrustSec was implemented on the Catalyst 6500 Series in SXI3, but announced as generally available in SXI4.