trustsec sgt dynamic with ise
DESCRIPTION
3. 3. Ingress(3). Server(4). Dropped. Ingress(3). Ingress. Egress. Server(4). The Matrix. Trustsec SGT Dynamic with ISE. Server (vlan 3) statically mapped to tag = 4. Server. Trustsec aware. Trustsec aware. Trustsec aware. Endpoint. Endpoint matches Authz rule tag = 3. - PowerPoint PPT PresentationTRANSCRIPT
Trustsec SGT Dynamic with ISE
Endpoint matches Authz rule tag = 3
Server (vlan 3) statically mapped to tag = 4
Endpoint
Server
IngressEgress
3 3
Ingress(3)
Server(4)
Ingress(3) Server(4)
SGACL
The Matrix
Dropped
Trustsec aware Trustsec aware Trustsec aware
Can statically mapIP to SGT(policy elements)
Trustsec SGT Static with SXT
Endpoint matches Authz rule tag = 3
Server (IP) statically mapped to tag = 4
Endpoint
Server
Ingress
SGFWDeny Tag 3 to 4 with ftp
Dropped
Trustsec aware NotTrustsec aware
ASA not capable of inline tagiingeither reading or imposing
SXP/TCPIP address to SGT
SXPSPEAKER
SXPLISTENER