Consolidated Platform Configuration Guide, Cisco Ios Release 15.2(4)E (Catalyst 2960-X Switches - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
◦ Network Admission Control (NAC) Layer 2 802.1x validation of the antivirus condition or posture
of endpoint systems or clients before granting the devices network access.
NAC is not supported on LanLite images.
Note
◦ Network Edge Access Topology (NEAT) with 802.1X switch supplicant, host authorization with
CISP, and auto enablement to authenticate a switch outside a wiring closet as a supplicant to another
switch.
NEAT is not supported on LanLite images.
Note
◦ IEEE 802.1x with open access to allow a host to access the network before being authenticated.
Note
This feature is not supported on LanLite images.
◦ IEEE 802.1x authentication with downloadable ACLs and redirect URLs to allow per-user ACL
downloads from a Cisco Secure ACS server to an authenticated switch.
◦ Support for dynamic creation or attachment of an auth-default ACL on a port that has no configured
static ACLs.
Note
This feature is not supported on LanLite images.
◦ Flexible-authentication sequencing to configure the order of the authentication methods that a port
tries when authenticating a new host.
◦ Multiple-user authentication to allow more than one host to authenticate on an 802.1x-enabled
port.
• TACACS+, a proprietary feature for managing network security through a TACACS server for both
IPv4 and IPv6.
• RADIUS for verifying the identity of, granting access to, and tracking the actions of remote users through
authentication, authorization, and accounting (AAA) services for both IPv4 and IPv6.
• Enhancements to RADIUS, TACACS+, and SSH to function over IPv6.
• Secure Socket Layer (SSL) Version 3.0 support for the HTTP 1.1 server authentication, encryption, and
message integrity and HTTP client authentication to allow secure HTTP communications (requires the
cryptographic version of the software).
• IEEE 802.1x Authentication with ACLs and the RADIUS Filter-Id Attribute.
• Support for IP source guard on static hosts.
• RADIUS Change of Authorization (CoA) to change the attributes of a certain session after it is
authenticated. When there is a change in policy for a user or user group in AAA, administrators can send
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
Security Features Overview
751
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
