- Written by Ziqian XU
- Posted on October 21, 2021
- Updated on October 21, 2021
- 7220 Views
Support for AES GCM has been added as a method for storing symmetric secrets in EOS. This applies to secrets that must be
- Written by Leandro Penz
- Posted on August 21, 2020
- Updated on August 21, 2020
- 6245 Views
Dynamic CLI Access VLAN is a command that sets the effective access VLAN in a port without changing the running
- Written by Jeevan Kamisetty
- Posted on August 23, 2022
- Updated on November 30, 2023
- 8728 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Aman Aman-Ul-Haq
- Posted on March 9, 2021
- Updated on December 1, 2023
- 10233 Views
The Segment security feature provides the convenience of applying policies on segments rather than interfaces or subnets. Hosts/networks are classified into segments based on prefixes. Grouping prefixes into segments allows for definition of policies that govern flow of traffic between segments.
- Written by Pedro Coutinho
- Posted on June 10, 2019
- Updated on June 11, 2019
- 7430 Views
This feature involves the use of packet’s Time to Live (TTL) (IPv4) or Hop Limit (IPv6) attributes to protect
- Written by Pedro Coutinho
- Posted on August 25, 2016
- Updated on June 11, 2019
- 8021 Views
This feature involves the use of packet’s Time to Live (TTL) (IPv4) or Hop Limit (IPv6) attributes to protect
- Written by Thejesh Panchappa
- Posted on December 30, 2021
- Updated on December 30, 2021
- 6958 Views
Macro Segmentation Service with Layer 3 firewall (MSS FW) provides a mechanism to offload policy enforcement on TORs
- Written by Arup Raton Roy
- Posted on September 7, 2021
- Updated on September 21, 2021
- 6883 Views
Macro Segmentation Service with Layer 3 firewall (MSS FW) enforces all security policies bi directionally by
- Written by Ben May
- Posted on February 1, 2024
- Updated on February 1, 2024
- 2333 Views
This can be done with multiple groups today, as long as we have enough unique group entries in hardware. In the absence of this configuration ( default behavior ), bridged traffic will be assigned to the default VRF and policies of default VRF will be applied to bridged traffic. With this feature, bridged traffic is never subject to MSS-G configuration.
- Written by Coy Humphrey
- Posted on September 15, 2020
- Updated on June 7, 2024
- 9307 Views
This TOI describes a set of enhancements made to the existing Port Security: Protect Mode (PortSec-Protect) feature. Please see the existing TOI for this feature here:Port Security: Protect Mode
- Written by Michelle Wang
- Posted on June 8, 2020
- Updated on July 21, 2023
- 6984 Views
EOS provides a way to extend its capabilities through the installation of extensions. An extension is a pre packaged
- Written by Wenyi Cheng
- Posted on April 19, 2021
- Updated on July 19, 2023
- 7880 Views
This feature adds TLS support to the existing syslog logging mechanism. With the new added CLI commands, the user can
- Written by Yuyang Chen
- Posted on June 15, 2021
- Updated on June 21, 2021
- 7603 Views
Port wide port security: Port security with address limit on the port configured by the existing shutdown mode port