This MIB module defines managed objects that facilitate the management of various policies within the Cisco Trusted Security (TrustSec) infrastructure. The information available through this MIB includes: o Device and interface level configuration for enabling SGACL (Security Group Access Control List) enforcement on Layer2/3 traffic. o Administrative and operational SGACL mapping to Security Group Tag (SGT). o Various statistics counters for traffic subject to SGACL enforcement. o TrustSec policies with respect to peer device. o Interface level configuration for enabling the propagation of SGT along with the Layer 3 traffic in portions of network which does not have the capability to support TrustSec feature. o TrustSec policies with respect to SGT propagation with Layer 3 traffic. The following terms are used throughout this MIB: VRF: Virtual Routing and Forwarding. SGACL: Security Group Access Control List. ACE: Access Control Entries. SXP: SGT Propagation Protocol. SVI: Switch Virtual Interface. IPM: Identity Port Mapping. SGT (Security Group Tag) is a unique 16 bits value assigned to every security group and used by network devices to enforce SGACL. Peer is another device connected to the local device on the other side of a TrustSec link. Default Policy: Policy applied to traffic when there is no explicit policy between the SGT associated with the originator of the traffic and the SGT associated with the destination of the traffic.