- New and Changed Information
- Index
- Preface
- Overview
- Configuring AAA
- Configuring RADIUS
- Configuring TACACS+
- Configuring SSH and Telnet
- Configuring PKI
- Configuring User Accounts and RBAC
- Configuring 802.1X
- Configuring NAC
- Configuring Cisco TrustSec
- Configuring IP ACLs
- Configuring MAC ACLs
- Configuring VLAN ACLs
- Configuring Port Security
- Configuring DHCP Snooping
- Configuring Dynamic ARP Inspection
- Configuring Source Guard
- Configuring Keychain Management
- Configuring Traffic Storm Control
- Configuring Unicast RPF
- Configuring Control Plane Policing
- Configuring Rate Limits
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.1
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Chapter: New and Changed Information
New and Changed Information
This chapter provides release-specific information for each new and changed feature in the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.1. The latest version of this document is available at the following Cisco website:
http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os_cfg.html
To check for additional information about Cisco NX-OS Release 4.1, see the Cisco Nexus 7000 Series NX-OS Release Notes, Release 4.1, available at the following Cisco website:
http://www.cisco.com/en/US/products/ps9372/prod_release_notes_list.html
summarizes the new and changed features for the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.1, and tells you where they are documented.
|
|
|
|
|
|---|---|---|---|
Atomic ACL updates |
Configuration of atomic ACL updates can be performed in the default virtual device context (VDC) only but affects all VDCs. |
4.1(4) |
|
Cisco TrustSec SXP passwords |
Added support for encrypted passwords for SXP connections in Cisco TrustSec. |
4.1(3) |
|
RADIUS CFS support |
Cisco Fabric Services (CFS) supports the distribution of the RADIUS configuration. |
4.1(2) |
|
TACACS+ CFS support |
CFS supports the distribution of the TACACS+ configuration. |
4.1(2) |
|
Password-aging notification |
Added password-aging notification for TACACS+ server-based sessions. |
4.1(2) |
|
RADIUS and TACACS+ server group source interfaces |
Added support for source interfaces to use when accessing RADIUS or TACACS+ servers. |
4.1(2) |
Chapter 3, "Configuring RADIUS" |
Public Key Infrastructure (PKI) support |
PKI allows the device to obtain and use digital certificates for secure communication in the network and provides manageability and scalability. |
4.1(2) |
|
SSH |
Added the feature ssh command and deprecated the ssh server enable command. |
4.1(2) |
|
Telnet |
Added the feature telnet command and deprecated the telnet server enable command. |
4.1(2) |
|
User role CFS support |
CFS supports the distribution of the user role configuration. |
4.1(2) |
|
IPv6 ACLs |
Added support for IPv6 ACLs. |
4.1(2) |
|
VLAN access maps |
Support was added for multiple entries in VLAN access maps. In addition, each entry supports multiple match commands. |
4.1(2) |
|
DCHP server support |
The number of DHCP server addresses that you can configure for each Layer 3 Ethernet interface increased from four to 16. |
4.1(2) |
|
Default policing policies |
The definitions of the default policing policies have changed as follows: • • • |
4.1(2) |
|
IPv6 ACL support |
CoPP supports IPv6 ACLs in the class maps. |
4.1(2) |
All the policing policies are one rate, two color.
Feedback