Support for AES GCM has been added as a method for storing symmetric secrets in EOS. This applies to secrets that must be

Security Encryption 4.27.0F

Dynamic CLI Access VLAN is a command that sets the effective access VLAN in a port without changing the running

Security Vlan 4.24.2F Dynamic

AVA switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch. It continuously monitors enterprise devices, users, and applications wherever they are, even as IP addresses change while maintaining a forensic record of past activities. This functionality can be enabled/disabled on the fly without impacting regular packet forwarding functionality.

The Segment security feature provides the convenience of applying policies on segments rather than interfaces or subnets. Hosts/networks are classified into segments based on prefixes. Grouping prefixes into segments allows for definition of policies that govern flow of traffic between segments. Policies define inter-segment or intra-segment communication rules, e.g. segment A can communicate with segment B but hosts in segment B can not communicate with each other.

This feature involves the use of packet’s Time to Live (TTL) (IPv4) or Hop Limit (IPv6) attributes to protect

This feature involves the use of packet’s Time to Live (TTL) (IPv4) or Hop Limit (IPv6) attributes to protect

Macro Segmentation Service with Layer 3 firewall (MSS FW) provides a mechanism to offload policy enforcement on TORs

Macro Segmentation Service with Layer 3 firewall (MSS FW) enforces all security policies bi directionally by

This TOI describes a set of enhancements made to the existing Port Security: Protect Mode (PortSec Protect) feature.

EOS provides a way to extend its capabilities through the installation of extensions. An extension is a pre packaged

This feature adds TLS support to the existing syslog logging mechanism. With the new added CLI commands, the user can

Port wide port security: Port security with address limit on the port configured by the existing shutdown mode port