Cisco Cisco IOS XE 3.5E Release Notes
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
17
Release Notes for Catalyst 3850 Series Switch, Cisco IOS XE Release 3.6.xE
OL-32621-01
What’s New in Cisco IOS XE Release 3.6.0E
Cisco TrustSec Critical
Authentication
Authentication
Ensures that the Network Device Admission Control (NDAC)-authenticated 802.1X
links between Cisco TrustSec devices are in open state even when the Authentication,
Authorization, and Accounting (AAA) server is not reachable.
links between Cisco TrustSec devices are in open state even when the Authentication,
Authorization, and Accounting (AAA) server is not reachable.
Enabling Bidirectional SXP
Support
Support
Enhances the functionality of Cisco TrustSec with SXP version 4 by adding support for
Security Group Tag (SGT) Exchange Protocol (SXP) bindings that can be propagated in
both directions between a speaker and a listener over a single connection.
Security Group Tag (SGT) Exchange Protocol (SXP) bindings that can be propagated in
both directions between a speaker and a listener over a single connection.
Enablement of Security Group
ACL at Interface Level
ACL at Interface Level
(IP Base, IP Services)
Controls and manages the Cisco TrustSec access control on a network device based on
an attribute-based access control list. When a security group access control list (SGACL)
is enabled globally, the SGACL is enabled on all interfaces in the network by default;
use the Enablement of Security Group ACL at Interface Level feature to disable the
SGACL on a Layer 3 interface.
an attribute-based access control list. When a security group access control list (SGACL)
is enabled globally, the SGACL is enabled on all interfaces in the network by default;
use the Enablement of Security Group ACL at Interface Level feature to disable the
SGACL on a Layer 3 interface.
Role-Based CLI Inclusive Views
(IP Base, IP Services)
Enables a standard CLI view including all commands by default.
Custom Web Authentication Result
Display Enhancement
Display Enhancement
Displays the authentication results on the main HTML page. There is no pop-up window
to display the authentication results.
to display the authentication results.
Custom Web Authentication
Download Bundle
Download Bundle
Ensures that one or more custom HTML pages can be downloaded and configured from
a single tar file bundle.
a single tar file bundle.
The images and the custom pages containing the images are also part of the same
downloadable tar file bundle.
downloadable tar file bundle.
Virtual IP Support for Images in
Custom Web Authentication
Custom Web Authentication
Supports image file names without prefixes and removes the requirement of users having
to specify the wireless management interface IP to indicate the source of image in the
HTML code.
to specify the wireless management interface IP to indicate the source of image in the
HTML code.
Service Discovery Gateway:
mDNS enhancements
mDNS enhancements
Enables multicast Domain Name System (mDNS) to operate across layer 3 boundaries.
HSRP: Global IPv6 Address
(IP Base, IP Services)
Allows users to configure multiple non-link local addresses as virtual addresses. The Hot
Standby Router Protocol (HSRP) ensures host-to-router resilience and failover, in case
the path between a host and the first-hop router fails, or the first-hop router itself fails.
Standby Router Protocol (HSRP) ensures host-to-router resilience and failover, in case
the path between a host and the first-hop router fails, or the first-hop router itself fails.
HTTP Gleaning
(IP Base, IP Services)
Allows the device-sensor to extract the HTTP packet Type-Length-Value (TLV) to derive
useful information about the end device type.
useful information about the end device type.
Banner Page and Inactivity timeout
for HTTP/S connections
for HTTP/S connections
Allows you to create a banner page and set an inactivity timeout for HTTP or HTTP
Secure (HTTPS) connections. The banner page allows you to log on to the server when
the session is invalid or expired.
Secure (HTTPS) connections. The banner page allows you to log on to the server when
the session is invalid or expired.
Secure CDP
(LAN Base, IP Base, IP Services)
Allows you to select the type, length, value (TLV) fields that are sent on a particular
interface to filter information sent through Cisco Discovery Protocol packets.
interface to filter information sent through Cisco Discovery Protocol packets.
OSPFv3 Authentication Trailer
Provides a mechanism to authenticate Open Shortest Path First version 3 (OSPFv3)
protocol packets as an alternative to existing OSPFv3 IPsec authentication.
protocol packets as an alternative to existing OSPFv3 IPsec authentication.
What’s New
Description