View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

RS0175 - DNAC 2.1 Group-Based Access Control (Part 3)

No votes yet
Difficulty Level: 
Lab Document: 
<Please login to see the content>
Video Download: 
Title: RS0175 - Video Download $17.00
Purchase RS0175 - Video Download $17.00

The video shows you how to enable Group-Based Access Control in SDA using Cisco DNAC 2.1. Our scenario begins with a simple configuration to deny traffic between two user groups. We will then use Group-based Policy Analytic to identify type of traffic between endpoints, and leverage the information to restrict communication within the same endpoint group. Wireshark packet capture will be performed to give us an insight into VXLAN packet structure.

Part 3 of this video covers granular access control and packet capture


  • SDA Security Policy
  • Cisco TrustSec (CTS)
  • Scalable Group Tag (SGT)
  • Access Contract
  • Dynamic SGT assignment
  • Policy Matrix and SGACL
  • Group-based Policy Analytic
    • Netflow Telemetry
  • VXLAN Packet Capture
  • MicroSegmenataion

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at, Metha enjoys learning and challenges himself with new technologies.