New and Changed Information
Feature |
Description |
Changed in Release |
Where Documented |
---|---|---|---|
MACsec ND ISSU |
Two new commands are introduced at the MACsec policy level to support MACsec ND ISSU on Cisco Nexus 9300-H2R switch |
10.5(3o) |
|
Enhancement to retrieve Type-6 primary key detail |
Added new show command to display the stored details (protection-type, time stamp, first-16-characters of primary key hash, length of primary key) of the Type-6 primary key. |
10.5(3)F |
|
Caching RADIUS Credentials |
The RADIUS Credential Caching feature stores authenticated user credentials locally thus eliminating repeated authentication requests to the RADIUS server for the same credentials. |
10.5(3)F |
|
Custom CoPP |
Added Custom CoPP support on Cisco Nexus 9364E-SG2-Q and 9364E-SG2-O switches. |
10.5(3)F |
|
RACL support for both ingress and egress directions |
Added RACL support for both ingress and egress directions on Cisco Nexus 9364E-SG2-Q switches. |
10.5(3)F |
|
ACL support |
Added ACL support on the Cisco Nexus 9364E-SG2-Q and 9364E-SG2-O switches |
10.5(3)F |
|
DHCP relay support |
Added DHCP relay support on the Cisco Nexus 9364E-SG2-Q switches |
10.5(3)F |
|
QKD MACsec fallback support |
Added QKD MACsec fallback to Pre-Shared Key (PSK) support to establish a secured MKA session when the primary Postquantum Preshared Key (PPK) fails. |
10.5(2)F |
|
CoPP configuration consistency |
Added support to check CoPP configuration consistency. |
10.5(2)F |
|
DACL support on Cisco Nexus 9300 switches |
Extended support for the DACL feature on Cisco Nexus 9300-FX3, GX, GX2, H2R, and H1 Series switches. |
10.5(2)F |
Guidelines and Limitations for Per-User DACL Support for 802.1X |
uRPF support |
Added uRPF support on Cisco Nexus 9800 Series switches. |
10.5(2)F |
|
Increase RSA key size to 4096 bits |
Extended support for RSA key sizes to 4096 bits for SSH and to 3072 and 4096 bits for cryptographic certificates. |
10.5(2)F |
|
Support for Dot1x with Voice VLAN |
Added support for the 802.1X Voice VLAN feature to enable multi-domain 802.1X authentication on a single port, providing authentication support for both VoIP phone and data client behind it. |
10.5(2)F |
|
Security Group ACL (SGACL) Feature interaction support |
Added support of Security Group ACL for the ESI, VXLAN-TE, VXLAN-PBR, CloudSec (DCI), and TRM features. |
10.5(1)F |