Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.2
New and Changed Information
Downloads: This chapterpdf (PDF - 336.0KB) The complete bookPDF (PDF - 8.33MB) | Feedback

New and Changed Information

New and Changed Information

This chapter provides release-specific information for each new and changed feature in the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.2.

New and Changed Information

This chapter provides release-specific information for each new and changed feature in the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.2.

The latest version of this document is available at the following Cisco website:

http://www.cisco.com/en/US/products/ps9402/products_installation_and_configuration_guides_list.html

To check for additional information about Cisco NX-OS Release 4.2, see the Cisco Nexus 7000 Series NX-OS Release Notes, Release 4.2 available at the following Cisco website:

http://www.cisco.com/en/US/products/ps9402/prod_release_notes_list.html

This table summarizes the new and changed features for the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.2, and tells you where they are documented.
Table 1 New and Changed Security Features for Cisco NX-OS Release 4.2

Feature

Description

Changed in Release

Where Documented

CoPP

Updated the default policies with support for MAC access lists and Layer 2 default and unpoliced classes. Also modified existing class maps to include support for ACL MAC L2PT, L2MP, LLDP, flow control, and dot1x.

4.2(6)

Configuring Control Plane Policing

CoPP

Updated the default policies with support for ACL DHCP.

4.2(3)

Configuring Control Plane Policing

AAA MSCHAP V2

Allows enabling of MSCHAP V2 authentication.

4.2(1)

Configuring AAA

RADIUS statistics

Allows clearing of RADIUS server host statistics.

4.2(1)

Configuring RADIUS

TACACS+ statistics

Allows clearing of TACACS+ server host statistics.

4.2(1)

Configuring TACACS+

TACACS+ command authorization

Supports TACACS+ authorization for users to use EXEC or configuration commands.

4.2(1)

Configuring TACACS+

User accounts

Limits the allowed characters for a username.

4.2(1)

Configuring User Accounts and RBAC

802.1X

Supports creating and removing authenticator port access entities (PAE) instances on interfaces.

4.2(1)

Configuring 802.1X

ACL types

Supports MAC packet classification and its effect on applying an IP ACL as a port ACL.

4.2(1)

Configuring IP ACLs

MAC packet classification

Supports configuring whether MAC ACLs apply to all traffic on Layer 2 interfaces or only to non-IP traffic.

4.2(1)

Configuring MAC ACLs

Port Security

Supports port security support for Layer 2 port-channel interfaces.

4.2(1)

Configuring Port Security

DHCP snooping

Replaces the deprecated service dhcp command with the ip dhcp relay command.

4.2(1)

Configuring DHCP Snooping

CoPP

Updates the default policies for WCCP and Cisco TrustSec.

4.2(1)

Configuring Control Plane Policing