You are here
RS0175 - DNAC 2.1 Group-Based Access Control (Part 3)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Routing & Switching
The video shows you how to enable Group-Based Access Control in SDA using Cisco DNAC 2.1. Our scenario begins with a simple configuration to deny traffic between two user groups. We will then use Group-based Policy Analytic to identify type of traffic between endpoints, and leverage the information to restrict communication within the same endpoint group. Wireshark packet capture will be performed to give us an insight into VXLAN packet structure.
Part 3 of this video covers granular access control and packet capture
Topic:
- SDA Security Policy
- Cisco TrustSec (CTS)
- Scalable Group Tag (SGT)
- Access Contract
- Dynamic SGT assignment
- Policy Matrix and SGACL
-
Group-based Policy Analytic
- Netflow Telemetry
- VXLAN Packet Capture
- MicroSegmenataion