Cisco Cisco ASA 5580 Adaptive Security Appliance Installation Guide
3
Behavior Supported in Version 1.0.1
Note
In VMware Distributed Virtual Switch (DVS) and Bare-Metal deployments, not all switches
can support uSeg quarantine functionality on the APIC. Contact your Cisco sales
representative to determine which model(s) of the Cisco Nexus 9000 Series switches to order
if you plan to use the uSeg quarantine feature in DVS and Bare-Metal deployments.
can support uSeg quarantine functionality on the APIC. Contact your Cisco sales
representative to determine which model(s) of the Cisco Nexus 9000 Series switches to order
if you plan to use the uSeg quarantine feature in DVS and Bare-Metal deployments.
This release enables you to
quarantine offending end points that are detected by the Firepower
Management Center 6.1 or FireSIGHT Management Center 5.4.x, using the APIC version 1.2(7). For
version 1.0.1 of the Cisco Firepower Management Center Remediation Module for ACI, the supported
behavior when end points are quarantined is described in the following table:
version 1.0.1 of the Cisco Firepower Management Center Remediation Module for ACI, the supported
behavior when end points are quarantined is described in the following table:
Cisco Application
Virtual Switch (AVS)
Virtual Switch (AVS)
VMware Distributed
Virtual Switch (DVS)
Virtual Switch (DVS)
Bare Metal
Verified in IPS
inline mode
inline mode
Yes
Yes
Yes
EPG bridge mode
Yes
Yes
Yes
EPG routed mode
Yes
No
No
Multiple IP to one
MAC checking
MAC checking
No
Yes
Yes
Create only an IP
address filter uSeg
attribute
address filter uSeg
attribute
Yes
No
No
Create both an IP
address filter and a
MAC address filter
uSeg attribute
address filter and a
MAC address filter
uSeg attribute
No
Yes
Yes