In this article we will discuss main topics about Cisco Trustsec. There are five parts that are related to Cisco Trustsec. What are they? Let’s take a look…
- What is Cisco Trustsec?
- What is SGA & how does it work?
- How is Authenticated Networking environment acheived?
- Used cases for Cisco Trustsec?
- Benefits of using Cisco Trustsec
Cisco TrustSec ?
Cisco TrustSec technology protects assets such as data, applications, and mobile devices from unauthorized access. It simplifies the provisioning and management of network access, accelerates security operations, and consistently enforces policy anywhere in the network.
Key Features of Secure Group Access
• Security Based Access Control
• Authenticated Networking Environment
• Confidentiality and Integrity
Traditional way of traffic filtering
![]()
Trustsec simplifies the classic challenges of Access Control
![]()
How does the Frame look like ?
![]()
Tagging happens prior to L2 services such as QoS
No Effect on IP MTU/Fragmentation
What is NDAC?
![]()
Network Device Admission Control
• NDAC validates peer identity before peer becomes the Circle of trust
• First Device to communicate with ISE is Seed device
• NDAC uses EAP-FAST/MSchapv2 for Authentication
Cisco TrustSec Supported Network Devices
• Cisco Catalyst 2960-S/SF/C, 3560-E/C, 3750-E Series: SXP only
• Cisco Catalyst 3560-X, 3750-X Series: SXP, SGT, SG-ACL
• Cisco Catalyst 4500 Series with Supervisor 6(L)-E, 7(L)-E: SXP only
• Cisco Catalyst 6500 Series with Supervisor Engine 2T: SXP, SGT, SG-ACL
• Cisco Nexus 7000 and 5000 Series: SXP, SGT, SG-ACL
• Cisco Nexus 1000v Series: SXP only
• Cisco Wireless LAN Controller 2500 and 5500
• Cisco Wireless Service Module (WiSM) 2
• Cisco Wireless Controller on Cisco Services-Ready Engine (SRE): SXP only
• Cisco Integrated Services Router G2: SXP, Security Group Firewall (SG-FW)
• Cisco ASR 1000 Series Aggregation Services Router: SXP, SG-FW
• Cisco ASA 5500 and 5500-X Series Next-Generation Firewalls: SXP, SG-FW
• Virtual Desktop Infrastructure (VDI)
• Cisco AnyConnect Secure Mobility Client with Remote Desktop Protocol (RDP)
From https://supportforums.cisco.com/document/12067581/community-tech-talk-understanding-cisco-trustsec-secure-group-access
More Related Topics
Cisco TrustSec Software-Security Solution
Cisco TrustSec technology protects assets such as data, applications, and mobile devices from unauthorized access. It simplifies the provisioning and management of network access, accelerates security operations, and consistently enforces policy anywhere in the network.
Key Features of Secure Group Access
• Security Based Access Control
• Authenticated Networking Environment
• Confidentiality and Integrity
Traditional way of traffic filtering
Trustsec simplifies the classic challenges of Access Control
How does the Frame look like ?
Tagging happens prior to L2 services such as QoS
No Effect on IP MTU/Fragmentation
What is NDAC?
Network Device Admission Control
• NDAC validates peer identity before peer becomes the Circle of trust
• First Device to communicate with ISE is Seed device
• NDAC uses EAP-FAST/MSchapv2 for Authentication
Cisco TrustSec Supported Network Devices
• Cisco Catalyst 2960-S/SF/C, 3560-E/C, 3750-E Series: SXP only
• Cisco Catalyst 3560-X, 3750-X Series: SXP, SGT, SG-ACL
• Cisco Catalyst 4500 Series with Supervisor 6(L)-E, 7(L)-E: SXP only
• Cisco Catalyst 6500 Series with Supervisor Engine 2T: SXP, SGT, SG-ACL
• Cisco Nexus 7000 and 5000 Series: SXP, SGT, SG-ACL
• Cisco Nexus 1000v Series: SXP only
• Cisco Wireless LAN Controller 2500 and 5500
• Cisco Wireless Service Module (WiSM) 2
• Cisco Wireless Controller on Cisco Services-Ready Engine (SRE): SXP only
• Cisco Integrated Services Router G2: SXP, Security Group Firewall (SG-FW)
• Cisco ASR 1000 Series Aggregation Services Router: SXP, SG-FW
• Cisco ASA 5500 and 5500-X Series Next-Generation Firewalls: SXP, SG-FW
• Virtual Desktop Infrastructure (VDI)
• Cisco AnyConnect Secure Mobility Client with Remote Desktop Protocol (RDP)
From https://supportforums.cisco.com/document/12067581/community-tech-talk-understanding-cisco-trustsec-secure-group-access
More Related Topics
Cisco TrustSec Software-Security Solution