EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

AF

Cisco TrustSec in SDWAN

Cisco TrustSec in SDWAN

Cisco TrustSec Overview

In Order to understand the Cisco Trustsec , We need to see the traditional Segmentation in below figure.

Cisco TrustSec provides the capabilities of implementing policy-based segmentation and policy enforcement while being highly scalable and topology agnostic. Cisco TrustSec uses constructs known as Security Group Tags (SGTs) to group endpoints or users with similar network requirements. SGT's travel through the network either in line with the data or network devices propagate them by using a dedicated protocol called Security Group Tag Exchange Protocol (SXP). At the egress of the TrustSec network, network devices use these tags to enforce policies. 

Here are the basic Cisco TrustSec policy elements:

  • SGTs
  • Contracts (Security Group Access Control List [SGACL])
  • TrustSec Policy Matrix

Here are some benefits of Cisco TrustSec:

  • Secure access to network services and applications.
  • Group-based policy enforcement across the network.
  • Software-defined network segmentation.
  • Scalable policy enforcement.


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.