ncm policy to enforce security rules

FormerMember

Hi all.  I am a newbie so apologies if this is old stuff, but i did read around first

Goal, construct a set of cisco security policies and rules to ensure:

each interface is either access or trunk

each access port needs some basic configs like

sw mode access and

ip verify ....

 

each trunk port needs some configs like

ip dhcp snoop trust

no span bpdu guard etc.

 

what is the simplest design that allows conditional logic for 2 different sets of requirements on 2 different sets of interfaces on the same managed device

Thanks

 

Drew

docwhite

drewgans,

In the upcoming release there will be support for conditional string searching and for auto-remediation. Conditional logic includes parenthetical string grouping, and/or operators for establishing relationships between strings and string groups. With regular expressions and this logic you will have a good shot at getting what you need.

Doug