Save 40% on books and eBooks + 70% on videos now through May 31*—use code PROGRAM. Shop now.
Additional sample videos, individual lessons and other formats are available here.
Register your product to gain access to bonus material or receive a coupon.
Lesson 2: Understanding TrustSec Functions — Classification
TrustSec is built on three functions. Classification deals with how users and network resources are classified in order to be granted network access. Dynamic and static methods are covered in this lesson. After resources are classified, this information needs to be propagated to network enforcement points. This topic presents three methods of propagating SGTs: Inline, Security Group Tag Exchange Protocol over TCP (SXP), and SGT Caching. Security policy is enforced on Cisco devices based on SGT assignments. This topic looks at enforcement using Security Group Access Control Lists (SGACLs) and Security Group Firewall (SG-FW) rules and how this information is distributed and verified.