Cisco ASA Series Cli Configuration Manual page 70
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
New Features
Table 1-5
New Features for ASA Version 9.0(1)/ASDM Version 7.0(1)
Feature
Firewall Features
Cisco TrustSec integration
Cisco ASA Series CLI Configuration Guide
1-8
Description
Cisco TrustSec provides an access-control solution that builds upon an existing
identity-aware infrastructure to ensure data confidentiality between network
devices and integrate security access services on one platform. In the Cisco
TrustSec solution, enforcement devices utilize a combination of user attributes
and end-point attributes to make role-based and identity-based access control
decisions.
In this release, the ASA integrates with Cisco TrustSec to provide security
group based policy enforcement. Access policies within the Cisco TrustSec
domain are topology-independent, based on the roles of source and destination
devices rather than on network IP addresses.
The ASA can utilize the Cisco TrustSec solution for other types of security
group based policies, such as application inspection; for example, you can
configure a class map containing an access policy based on a security group.
We introduced or modified the following commands: access-list extended, cts
sxp enable, cts server-group, cts sxp default, cts sxp retry period, cts sxp
reconcile period, cts sxp connection peer, cts import-pac, cts refresh
environment-data, object-group security, security-group, show
running-config cts, show running-config object-group, clear configure cts,
clear configure object-group, show cts, show object-group, show conn
security-group, clear cts, debug cts.
We introduced the following MIB: CISCO-TRUSTSEC-SXP-MIB.
We introduced or modified the following screens:
Configuration > Firewall > Identity by TrustSec
Configuration > Firewall > Objects > Security Groups Object Groups
Configuration > Firewall > Access Rules > Add Access Rules
Monitoring > Properties > Identity by TrustSec > PAC
Monitoring > Properties > Identity by TrustSec > Environment Data
Monitoring > Properties > Identity by TrustSec > SXP Connections
Monitoring > Properties > Identity by TrustSec > IP Mappings
Monitoring > Properties > Connections
Tools > Packet Tracer
Chapter 1
Introduction to the Cisco ASA
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
