Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco TrustSec

Software-defined segmentation

You need to segment your network to protect critical business assets. But traditional approaches are complex. Cisco TrustSec software-defined segmentation is simpler to enable than VLAN-based segmentation. Policy is defined through security groups. It is open through IETF, available within OpenDaylight, and supported on third-party and Cisco platforms. 

Features and benefits

Reduce risk

Segment devices without redesigning the network. Easily manage access to enterprise resources. Restrict lateral movement of threats with micro-segmentation.

Apply policies across the network

Scale fast and enforce policies consistently across the network. Streamline security policy management across domains. Use Cisco ISE to manage TrustSec security group tags and share information with other group-based policy schemes.

Lower operational expenses

Forrester Consulting conducted an analysis of customers using TrustSec software-defined segmentation in production networks. The findings: TrustSec reduced operational costs by 80 percent and enabled policy changes 98 percent faster.

    Streamline compliance

    Control access to regulated applications using simple group-based policies. Reduce the scope of compliance for regulations such as PCI, HIPAA, and DFARS.

    How to enable

    Cisco TrustSec security groups give users access that is consistently maintained as resources move across domains. It simplifies the management of switch, router, and firewall rules. Yet you still have granular control of your network.

    Define security group tags

    Assign security group tags (SGTs) to enforce access policies for users, applications, and devices.

    Manage policies with ISE

    Use the Cisco Identity Services Engine (ISE) to define and manage SGTs on your network.

    Share policies across domains

    Use Cisco ISE to share TrustSec group information with other group-based policy schemes.


    Get the strongest possible security. Cisco Services help you integrate technologies, migrate from other solutions, and optimize your existing solutions.

    Reduce operating expenses

    A 2016 analysis shows how Cisco TrustSec cuts costs and increases agility. (PDF - 1 MB)

    Block threats on devices at scale

    Protect services in healthcare, manufacturing, and more with Cisco IoT Threat Defense. (PDF - 57 KB)

    Manufacturer balances agility with security

    The Cisco solution gives us a very precise way, from the wireless access point or the switch, to identify who is trying to access what. It allows us to place users in the right category and have the right policy to match information security demands.

    Roman Scarabot-Mueller, Head of Infrastructure, Mondi Group International

    Enforce policies easily

    Simplify network access and security operations with software-defined segmentation.

    For partners

    Are you a Cisco partner?  Log in to see additional resources.

    Looking for a solution from a Cisco partner? Connect with our partner ecosystem.