What is a primary function of the SXP protocol?
Click on the arrows to vote for the correct answerA. B. C. D.
The SXP (Security Group Tag Exchange Protocol) protocol is used in Cisco TrustSec technology to exchange security group tags (SGTs) between network devices, including switches and routers. SGTs are used to classify network traffic based on security policies, which can then be used to enforce access control policies and traffic segmentation.
The primary function of the SXP protocol is to exchange SGT information between different TrustSec domains. TrustSec domains are logical groupings of network devices that share the same security policies and access control rules. SXP allows SGT information to be exchanged between different TrustSec domains, which enables enforcement of security policies across different domains.
Option A is incorrect because SXP is not used to extend a TrustSec domain on switches that do not support packet tagging with SGTs. TrustSec relies on packet tagging to classify traffic based on security policies, and SXP is used to exchange SGT information between network devices that support packet tagging.
Option B is incorrect because SXP is not used to map SGT tags to VLAN information. VLANs are used to segment network traffic, while SGTs are used to classify traffic based on security policies.
Option C is incorrect because SXP does not allow SGT tagged packets to be transmitted on trunks. VLAN tagging is used to transmit traffic on trunks, while SGT tagging is used to classify traffic based on security policies.
Therefore, the correct answer is D: to exchange the SGT information between different TrustSec domains.