The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter provides release-specific information for each new and changed feature in the Cisco Nexus 5000 Series NX-OS Security Command Reference. The latest version of this document is available at the following Cisco website:
http://www.cisco.com/en/US/products/ps9670/prod_command_reference_list.html
To check for additional information about this Cisco NX-OS Release, see the Cisco Nexus 5000 Series Switch Release Notes available at the following Cisco website:
http://www.cisco.com/en/US/products/ps9670/prod_release_notes_list.html
This section includes the following topics:
•New and Changed Information for Cisco NX-OS Release 5.2(1)N1(1)
•New and Changed Information for Cisco NX-OS Release 5.1(3)N1(1)
•New and Changed Information for Cisco NX-OS Release 5.0(3)N2(1)
•New and Changed Information for Cisco NX-OS Release 5.0(3)N1(1)
•New and Changed Information for Cisco NX-OS Release 5.0(2)N2(1)
•New and Changed Information for Cisco NX-OS Release 5.0(2)N1(1)
summarizes the new and changed features for Cisco NX-OS Release 5.2(1)N1(1) and tells you where they are documented.
|
|
|
---|---|---|
IPv6 |
Added support for IPv6. |
summarizes the new and changed features for Cisco NX-OS Release 5.1(3)N1(1) and tells you where they are documented.
There are no new and changed features for Cisco NX-OS Release 5.0(3)N2(1).
summarizes the new and changed features for Cisco NX-OS Release 5.0(3)N1(1) and tells you where they are documented.
|
|
|
|
---|---|---|---|
IP access group |
Added the ip access-group command to apply an IPv4 access control list (ACL) to an interface as a router ACL. |
5.0(3)N1(1) |
|
IP Source Guard |
This feature was introduced. The following IP Source Guard commands for Layer 2 Ethernet interfaces were introduced: •ip verify source dhcp-snooping-vlan •show ip verify source |
5.0(3)N1(1) |
ip verify source dhcp-snooping-vlan |
Dynamic ARP Inspection (DAI) |
This feature was introduced. Added the following commands to configure dynamic Address Resolution Protocol (ARP) inspection (DAI) on a Cisco NX-OS switch: •ip arp inspection log-buffer •ip arp inspection validate •ip arp inspection vlan |
5.0(3)N1(1) |
clear ip arp inspection statistics vlan show ip arp inspection interfaces |
Unicast RPF |
Added the ip verify unicast source reachable-via command to configure Unicast Reverse Path Forwarding (Unicast RPF) on an interface. |
5.0(3)N1(1) |
summarizes the new and changed features for Cisco NX-OS Release 5.0(2)N2(1) and tells you where they are documented.
|
|
|
|
---|---|---|---|
Release 5.0(2)N2(1) |
|||
DHCP Snooping |
You can configure DHCP snooping on switches and VLANs. |
5.0(2)N2(1) |
clear ip dhcp snooping binding clear ip dhcp snooping statistics ip dhcp packet strict-validation ip dhcp snooping information option ip dhcp snooping verify mac-address show ip dhcp snooping statistics |
summarizes the new and changed features for Cisco NX-OS Release 5.0(2)N1(1) and tells you where they are documented.
|
|
|
|
---|---|---|---|
Release 5.0(2)N1(1) |
|||
Support for HTTP server |
You can enable HTTP or Hypertext Transfer Protocol Secure (HTTPS) on a switch. |
5.0(2)N1(1) |
|
Privilege level |
You can enable the cumulative privilege of roles for command authorization on RADIUS and TACACS+ servers. You can also enable a user to move to a higher privilege level, or set a password for a specific privilege level. |
5.0(2)N1(1) |
|
ACLs on VTY |
You can configure an access class to restrict incoming or outgoing traffic on a virtual terminal line (VTY). |
5.0(2)N1(1) |
|
Checkpoint and rollback |
You can take a snapshot of the current running configuration or roll back to a specified checkpoint to restore the active configuration of the system. |
5.0(2)N1(1) |
show diff rollback-patch checkpoint show diff rollback-patch running-config show diff rollback-patch startup-config |
SSH |
You can set the number of login attempts that a user can try before being disconnected. |
5.0(2)N1(1) |