New and Changed Information
The following table provides an overview of the significant changes to the organization and features in this guide up to this current release. The table does not provide an exhaustive list of all changes made to the guide or of the new features up to this release.
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Service EPG selector for endpoint security groups (ESGs) |
Before release 5.2(4), you cannot create a contract with a service EPG created through a service graph. Beginning with release 5.2(4), the service EPG selector for endpoint security groups (ESGs) is now available. This feature allows you to map a service EPG to an ESG and create a contract with that ESG. Using this feature, even if you have a vzAny-to-vzAny permit contract that is configured, you can add a deny contract between the service ESG and other ESGs to allow specific ESGs to communicate with the service ESG. |
|
|
Only the local and LDAP authentication methods are supported in FIPS mode |
You must disable the RADIUS, TACACS+, RSA, DUO, OAuth2, and SAML remote authentication methods. Only the local and LDAP authentication methods are supported in FIPS mode. |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
Endpoint security group enhancements |
Endpoint security groups (ESGs) now support more features and configurations, such as:
|
|
|
Support for OAuth 2 Authorization |
Open Authorization (OAuth) 2.0 is an open-standard authorization protocol. OAuth 2.0 allows you to access an application that is trusted or approved by an identity provider. |
|
Feature or Change |
Description |
Where Documented |
|---|---|---|
|
EPG and tag selectors for ESGs |
EPG selectors can add specific EPGs to an ESG. Tag selectors can add objects to an ESG based on policy tags. |
|
|
Simplified ESG migration |
EPG to ESG migration is simplified using EPG selectors. |
Feedback