Cisco TrustSec
|
This feature was introduced.
|
4.2(1)SV2(1.1)
|
Configuring Cisco TrustSec for Cisco Nexus 1000V
|
Licensing Changes and advanced features
|
The following features are available as advanced features that require licenses: Cisco TrustSec, DHCP snooping, IP Source Guard, and Dynamic ARP Inspection.
|
4.2(1)SV2(1.1)
|
Configuring DHCP Snooping,Configuring Dynamic ARP Inspection,Configuring IP Source Guard
|
DHCP Enhancements
|
You can enable source IP-based filtering on the Cisco Nexus 1000V switch.
|
4.2(1)SV2(1.1)
|
Configuring DHCP Snooping
|
ACL Logging
|
You can log statistics for flows that match the ACL permit or deny conditions to monitor the flows.
|
4.2(1)SV1 (5.1)
|
Configuring MAC ACLs
|
UUFB
|
You can block unknown unicast packets from flooding the forwarding path.
|
4.2(1)SV1(4a)
|
Blocking Unknown Unicast Flooding
|
DHCP Snooping Relay Agent (Option 82)
|
You can configure DHCP to relay VSM MAC and port information in DHCP packets.
|
4.2(1)SV1(4)
|
Configuring DHCP Snooping
|
DHCP Snooping binding table
|
You can clear DHCP snooping binding table entries for an interface.
|
4.2(1)SV1(4)
|
Configuring DHCP Snooping
|
Enable DHCP
|
You can enable or disable DHCP globally by using the feature DHCP command.
|
4.2(1)SV1(4)
|
Configuring DHCP Snooping
|
Enable SSH server
|
You can enable or disable the SSH server by using the feature DHCP command.
|
4.2(1)SV1(4)
|
Configuring SSH
|
Enable Telnet server
|
You can enable or disable the Telnet server by using the feature DHCP command.
|
4.2(1)SV1(4)
|
Configuring Telnet
|
Disable HTTP Server
|
You can disable the HTTP server for security purposes.
|
4.0(4)SV1(4)
|
Disabling the HTTP Server
|
VSD
|
Virtual service domains (VSDs) allow you to classify and separate traffic for network services.
|
4.0(4)SV1(2)
|
Chapter 3, "Configuring VSD"
|
DHCP Snooping
|
The Dynamic Host Configuration Protocol (DHCP) snooping acts like a firewall between untrusted hosts and trusted DHCP servers.
|
4.0(4)SV1(2)
|
Configuring DHCP Snooping
|
Dynamic ARP Inspection (DAI)
|
Dynamic ARP-inspection (DAI) provides IP communication within a Layer 2 broadcast domain by mapping an IP address to a MAC address.
|
4.0(4)SV1(2)
|
Configuring Dynamic ARP Inspection
|
IP Source Guard
|
IP Source Guard is a per-interface traffic permit filter for IP and MAC addresses.
|
4.0(4)SV1(2)
|
Configuring IP Source Guard
|