Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 5.x
Preface
Downloads: This chapterpdf (PDF - 1.16MB) The complete bookPDF (PDF - 10.7MB) | The complete bookePub (ePub - 3.43MB) | Feedback

Preface

Preface

This preface describes the audience, organization, and conventions of the Cisco Nexus 7000 Series NX-OS Security Configuration Guide. It also provides information on how to obtain related documentation.

Audience

This publication is for experienced network administrators who configure and maintain Cisco NX-OS devices.

Document Organization

This document is organized into the following chapters:

Chapter

Description

"New and Changed Information"

Describes the new and changed information for the new Cisco NX-OS software software releases.

"Overview"

Describes the security features supported by the Cisco NX-OS software.

"Configuring AAA"

Describes how to configure authentication, authorization, and accounting (AAA) features.

"Configuring RADIUS"

Describes how to configure the RADIUS security protocol.

"Configuring TACACS+"

Describes how to configure the TACACS+ security protocol.

"Configuring LDAP"

Describes how to configure the LDAP security protocol.

"Configuring SSH and Telnet"

Describes how to configure certificate authorities and digital certificates in the Public Key Infrastructure (PKI).

"Configuring PKI"

Describes how to configure Secure Shell (SSH) and Telnet.

"Configuring User Accounts and RBAC"

Describes how to configure user accounts and role-based access control (RBAC).

"Configuring 802.1X"

Describes how to configure 802.1X authentication.

"Configuring NAC"

Describes how to configure Network Admission Control (NAC).

Configuring Cisco Trustsec"

Describes how to configure Cisco TrustSec integrated security.

"Configuring IP ACLs"

Describes how to configure IP access control lists (ACLs).

"Configuring MAC ACLs"

Describes how to configure MAC ACLs.

"Configuring VLAN ACLs"

Describes how to configure VLAN ACLs.

"Configuring Port Security"

Describes how to configure port security.

"Configuring DHCP"

Describes how to configure Dynamic Host Configuration Protocol (DHCP) snooping.

"Configuirng Dynamic ARP Inspection"

Describes how to configure Address Resolution Protocol (ARP) inspection.

"Configuring IP Source Guard"

Describes how to configure IP Source Guard.

"Configuring Password Encryption"

Describes how to configure password encryption.

"Configuring Keychain Management"

Describes how to configure keychain management.

"Configuring Traffic Storm Control"

Describes how to configure traffic storm control.

"Configuring Unicast RPF"

Describes how to configure Unicast Reverse Path Forwarding (Unicast RPF).

"Configuring Control Plane Policing"

Describes how to configure control plane policing on ingress traffic.

"Configuring Rate Limits"

Describes how to configure rate limits on egress traffic.

Document Conventions

Command descriptions use the following conventions:

Convention Description
bold

Bold text indicates the commands and keywords that you enter literally as shown.

Italic

Italic text indicates arguments for which the user supplies the values.

[x]

Square brackets enclose an optional element(keyword or argument).

[x | y]

Square brackets enclosing keywords or arguments separated by a vertical bar indicate an optional choice.

{x | y}

Braces enclosing keywords or arguments separated by a vertical bar indicate a required choice.

[x {y | z}]

Nested set of square brackets or braces indicate optional or required choices within optional or required elements. Braces and a vertical bar within square brackets indicate a required choice within an optional element.

variable

Indicates a variable for which you supply values, in context where italics cannot be used.

string A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.

Examples use the following conventions:

Convention Description
screen font

Terminal sessions and information the switch displays are in screen font.

boldface screen font

Information you must enter is in boldface screen font.

italic screen font

Arguments for which you supply values are in italic screen font.

< >

Nonprinting characters, such as passwords, are in angle brackets.

[ ]

Default responses to system prompts are in square brackets.

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.

This document uses the following conventions:


Note


Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.



Caution


Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.


Related Documentation

Cisco NX-OS documentation is available at the following URL:

http:/​/​www.cisco.com/​en/​US/​products/​ps9372/​tsd_​products_​support_​series_​home.html

The documentation set for the Cisco NX-OS software includes the following documents:

Release Notes

Cisco Nexus 7000 Series NX-OS Release Notes, Release 5.x

NX-OS Configuration Guides

Cisco Nexus 7000 Series NX-OS Configuration Examples, Release 5.x

Cisco Nexus 7000 Series NX-OS FabricPath Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS Fundamentals Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS Interfaces Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide

Cisco Nexus 7000 Series NX-OS LISP Configuration Guide

Cisco Nexus 7000 Series NX-OS MPLS Configuration Guide

Cisco Nexus 7000 Series NX-OS Multicast Routing Configuration Guide

Cisco Nexus 7000 Series NX-OS OTV Configuration Guide

Cisco Nexus 7000 Series NX-OS Quality of Service Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS SAN Switching Configuration Guide

Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS Verified Scalability Guide

Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide

Cisco Nexus 7000 Series NX-OS Virtual Device Context Quick Start

Cisco Nexus 7000 Series OTV Quick Start Guide

Cisco NX-OS FCoE Configuration Guide for Cisco Nexus 7000 and Cisco MDS 9500

Configuring Feature Set for FabricPath

Configuring the Cisco Nexus 2000 Series Fabric Extender

NX-OS Command References

Cisco Nexus 7000 Series NX-OS Command Reference Master Index

Cisco Nexus 7000 Series NX-OS FabricPath Command Reference

Cisco Nexus 7000 Series NX-OS Fundamentals Command Reference

Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Command Reference

Cisco Nexus 7000 Series NX-OS Interfaces Command Reference

Cisco Nexus 7000 Series NX-OS Layer 2 Switching Command Reference

Cisco Nexus 7000 Series NX-OS LISP Command Reference

Cisco Nexus 7000 Series NX-OS MPLS Configuration Guide

Cisco Nexus 7000 Series NX-OS Multicast Routing Command Reference

Cisco Nexus 7000 Series NX-OS OTV Command Reference

Cisco Nexus 7000 Series NX-OS Quality of Service Command Reference

Cisco Nexus 7000 Series NX-OS SAN Switching Command Reference

Cisco Nexus 7000 Series NX-OS Security Command Reference

Cisco Nexus 7000 Series NX-OS System Management Command Reference

Cisco Nexus 7000 Series NX-OS Unicast Routing Command Reference

Cisco Nexus 7000 Series NX-OS Virtual Device Context Command Reference

Cisco NX-OS FCoE Command Reference for Cisco Nexus 7000 and Cisco MDS 9500

Other Software Document

Cisco Nexus 7000 Series NX-OS High Availability and Redundancy Guide

Cisco Nexus 7000 Series NX-OS MIB Quick Reference

Cisco Nexus 7000 Series NX-OS Software Upgrade and Downgrade Guide, Release 5.x

Cisco Nexus 7000 Series NX-OS Troubleshooting Guide

Cisco NX-OS Licensing Guide

Cisco NX-OS System Messages Reference

Cisco NX-OS XML Interface User Guide

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http:/​/​www.cisco.com/​en/​US/​docs/​general/​whatsnew/​whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.