- New and Changed Information
- Index
- Preface
- Overview
- Configuring AAA
- Configuring RADIUS
- Configuring TACACS+
- Configuring SSH and Telnet
- Configuring PKI
- Configuring User Accounts and RBAC
- Configuring 802.1X
- Configuring NAC
- Configuring Cisco TrustSec
- Configuring IP ACLs
- Configuring MAC ACLs
- Configuring VLAN ACLs
- Configuring Port Security
- Configuring DHCP Snooping
- Configuring Dynamic ARP Inspection
- Configuring Source Guard
- Configuring Keychain Management
- Configuring Traffic Storm Control
- Configuring Unicast RPF
- Configuring Control Plane Policing
- Configuring Rate Limits
New and Changed Information
This chapter provides release-specific information for each new and changed feature in the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.1. The latest version of this document is available at the following Cisco website:
http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os_cfg.html
To check for additional information about Cisco NX-OS Release 4.1, see the Cisco Nexus 7000 Series NX-OS Release Notes, Release 4.1, available at the following Cisco website:
http://www.cisco.com/en/US/products/ps9372/prod_release_notes_list.html
summarizes the new and changed features for the Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.1, and tells you where they are documented.
|
|
|
|
|
|---|---|---|---|
Atomic ACL updates |
Configuration of atomic ACL updates can be performed in the default virtual device context (VDC) only but affects all VDCs. |
4.1(4) |
|
Cisco TrustSec SXP passwords |
Added support for encrypted passwords for SXP connections in Cisco TrustSec. |
4.1(3) |
|
RADIUS CFS support |
Cisco Fabric Services (CFS) supports the distribution of the RADIUS configuration. |
4.1(2) |
|
TACACS+ CFS support |
CFS supports the distribution of the TACACS+ configuration. |
4.1(2) |
|
Password-aging notification |
Added password-aging notification for TACACS+ server-based sessions. |
4.1(2) |
|
RADIUS and TACACS+ server group source interfaces |
Added support for source interfaces to use when accessing RADIUS or TACACS+ servers. |
4.1(2) |
Chapter 3, "Configuring RADIUS" |
Public Key Infrastructure (PKI) support |
PKI allows the device to obtain and use digital certificates for secure communication in the network and provides manageability and scalability. |
4.1(2) |
|
SSH |
Added the feature ssh command and deprecated the ssh server enable command. |
4.1(2) |
|
Telnet |
Added the feature telnet command and deprecated the telnet server enable command. |
4.1(2) |
|
User role CFS support |
CFS supports the distribution of the user role configuration. |
4.1(2) |
|
IPv6 ACLs |
Added support for IPv6 ACLs. |
4.1(2) |
|
VLAN access maps |
Support was added for multiple entries in VLAN access maps. In addition, each entry supports multiple match commands. |
4.1(2) |
|
DCHP server support |
The number of DHCP server addresses that you can configure for each Layer 3 Ethernet interface increased from four to 16. |
4.1(2) |
|
Default policing policies |
The definitions of the default policing policies have changed as follows: • • • |
4.1(2) |
|
IPv6 ACL support |
CoPP supports IPv6 ACLs in the class maps. |
4.1(2) |
All the policing policies are one rate, two color.
Feedback