EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFCisco TrustSec in SDWAN
Cisco TrustSec Overview
In Order to understand the Cisco Trustsec , We need to see the traditional Segmentation in below figure.
Cisco TrustSec provides the capabilities of implementing policy-based segmentation and policy enforcement while being highly scalable and topology agnostic. Cisco TrustSec uses constructs known as Security Group Tags (SGTs) to group endpoints or users with similar network requirements. SGT's travel through the network either in line with the data or network devices propagate them by using a dedicated protocol called Security Group Tag Exchange Protocol (SXP). At the egress of the TrustSec network, network devices use these tags to enforce policies.
Here are the basic Cisco TrustSec policy elements:
- SGTs
- Contracts (Security Group Access Control List [SGACL])
- TrustSec Policy Matrix
Here are some benefits of Cisco TrustSec:
- Secure access to network services and applications.
- Group-based policy enforcement across the network.
- Software-defined network segmentation.
- Scalable policy enforcement.
LEAVE A COMMENT
Please login here to comment.