New and Changed Information for Security Configuration

This section lists new and changed content in this document by software release.

To find additional information about new features or command changes, see the Cisco Nexus 1000V Release Notes and Cisco Nexus 1000V Command Reference.

Table 1 New and Changed Features
Feature	Description	Changed in Release	Where Documented
Cisco TrustSec	This feature was introduced.	4.2(1)SV2(1.1)	Configuring Cisco TrustSec for Cisco Nexus 1000V
Licensing Changes and advanced features	The following features are available as advanced features that require licenses: Cisco TrustSec, DHCP snooping, IP Source Guard, and Dynamic ARP Inspection.	4.2(1)SV2(1.1)	Configuring DHCP Snooping,Configuring Dynamic ARP Inspection,Configuring IP Source Guard
DHCP Enhancements	You can enable source IP-based filtering on the Cisco Nexus 1000V switch.	4.2(1)SV2(1.1)	Configuring DHCP Snooping
ACL Logging	You can log statistics for flows that match the ACL permit or deny conditions to monitor the flows.	4.2(1)SV1 (5.1)	Configuring MAC ACLs
UUFB	You can block unknown unicast packets from flooding the forwarding path.	4.2(1)SV1(4a)	Blocking Unknown Unicast Flooding
DHCP Snooping Relay Agent (Option 82)	You can configure DHCP to relay VSM MAC and port information in DHCP packets.	4.2(1)SV1(4)	Configuring DHCP Snooping
DHCP Snooping binding table	You can clear DHCP snooping binding table entries for an interface.	4.2(1)SV1(4)	Configuring DHCP Snooping
Enable DHCP	You can enable or disable DHCP globally by using the feature DHCP command.	4.2(1)SV1(4)	Configuring DHCP Snooping
Enable SSH server	You can enable or disable the SSH server by using the feature DHCP command.	4.2(1)SV1(4)	Configuring SSH
Enable Telnet server	You can enable or disable the Telnet server by using the feature DHCP command.	4.2(1)SV1(4)	Configuring Telnet
Disable HTTP Server	You can disable the HTTP server for security purposes.	4.0(4)SV1(4)	Disabling the HTTP Server
VSD	Virtual service domains (VSDs) allow you to classify and separate traffic for network services.	4.0(4)SV1(2)	Chapter 3, "Configuring VSD"
DHCP Snooping	The Dynamic Host Configuration Protocol (DHCP) snooping acts like a firewall between untrusted hosts and trusted DHCP servers.	4.0(4)SV1(2)	Configuring DHCP Snooping
Dynamic ARP Inspection (DAI)	Dynamic ARP-inspection (DAI) provides IP communication within a Layer 2 broadcast domain by mapping an IP address to a MAC address.	4.0(4)SV1(2)	Configuring Dynamic ARP Inspection
IP Source Guard	IP Source Guard is a per-interface traffic permit filter for IP and MAC addresses.	4.0(4)SV1(2)	Configuring IP Source Guard

New and Changed Information

Contents

New and Changed Information
New and Changed Information for Security Configuration

New and Changed Information

This chapter lists new and changed content in this document by software release.

New and Changed Information for Security Configuration

New and Changed Information for Security Configuration

This section lists new and changed content in this document by software release.

To find additional information about new features or command changes, see the Cisco Nexus 1000V Release Notes and Cisco Nexus 1000V Command Reference.

Table 1 New and Changed Features
Feature	Description	Changed in Release	Where Documented
Cisco TrustSec	This feature was introduced.	4.2(1)SV2(1.1)	Configuring Cisco TrustSec for Cisco Nexus 1000V
Licensing Changes and advanced features	The following features are available as advanced features that require licenses: Cisco TrustSec, DHCP snooping, IP Source Guard, and Dynamic ARP Inspection.	4.2(1)SV2(1.1)	Configuring DHCP Snooping,Configuring Dynamic ARP Inspection,Configuring IP Source Guard
DHCP Enhancements	You can enable source IP-based filtering on the Cisco Nexus 1000V switch.	4.2(1)SV2(1.1)	Configuring DHCP Snooping
ACL Logging	You can log statistics for flows that match the ACL permit or deny conditions to monitor the flows.	4.2(1)SV1 (5.1)	Configuring MAC ACLs
UUFB	You can block unknown unicast packets from flooding the forwarding path.	4.2(1)SV1(4a)	Blocking Unknown Unicast Flooding
DHCP Snooping Relay Agent (Option 82)	You can configure DHCP to relay VSM MAC and port information in DHCP packets.	4.2(1)SV1(4)	Configuring DHCP Snooping
DHCP Snooping binding table	You can clear DHCP snooping binding table entries for an interface.	4.2(1)SV1(4)	Configuring DHCP Snooping
Enable DHCP	You can enable or disable DHCP globally by using the feature DHCP command.	4.2(1)SV1(4)	Configuring DHCP Snooping
Enable SSH server	You can enable or disable the SSH server by using the feature DHCP command.	4.2(1)SV1(4)	Configuring SSH
Enable Telnet server	You can enable or disable the Telnet server by using the feature DHCP command.	4.2(1)SV1(4)	Configuring Telnet
Disable HTTP Server	You can disable the HTTP server for security purposes.	4.0(4)SV1(4)	Disabling the HTTP Server
VSD	Virtual service domains (VSDs) allow you to classify and separate traffic for network services.	4.0(4)SV1(2)	Chapter 3, "Configuring VSD"
DHCP Snooping	The Dynamic Host Configuration Protocol (DHCP) snooping acts like a firewall between untrusted hosts and trusted DHCP servers.	4.0(4)SV1(2)	Configuring DHCP Snooping
Dynamic ARP Inspection (DAI)	Dynamic ARP-inspection (DAI) provides IP communication within a Layer 2 broadcast domain by mapping an IP address to a MAC address.	4.0(4)SV1(2)	Configuring Dynamic ARP Inspection
IP Source Guard	IP Source Guard is a per-interface traffic permit filter for IP and MAC addresses.	4.0(4)SV1(2)	Configuring IP Source Guard

Cisco Nexus 1000V Security Configuration Guide, 4.2(1)SV2(1.1)

Book Title

Chapter Title

Results

Chapter: New and Changed Information

New and Changed Information

New and Changed Information for Security Configuration

New and Changed Information

New and Changed Information for Security Configuration

Was this Document Helpful?

Contact Cisco

Related Cisco Community Discussions