Cisco Systems OL-25111-01 manual Setting Up the Cisco Secure ACS Server


Appendix C Security Configuration with Cisco Secure ACS

Configuring the System Identity User in Common Services


Before you integrate the Service Monitor server with Cisco Secure ACS, ensure that you create and assign all privileges to a system identity user in Common Services. This topic explains how to set up a local user as the system identity user. (To use the Common Services admin user as the system identity user, see the topic Setting up system identity account in Common Services online help.)

1. Create a local user and assign all roles to the user. (See Configuring Users Using the Common Services Local Login Module, page 3-2.)

Note: If the System Identity User is not configured with all Common Services Local login module roles (see Table C-1), authorization fails when you try to perform certain tasks in Service Monitor and Common Services.

2. Update the System Identity User, replacing the username with the one that you created in step 1. (Select Administration > Server Administration (Common Services) > Security > Multi-Server Trust Management > System Identity Setup.)

For more information, see Common Services online help.

Setting Up the Cisco Secure ACS Server

Perform these tasks in Cisco Secure ACS before you change the Common Services AAA mode to ACS:

1. Configure ACS Administrators.

Configure an administrator user with all privileges in Cisco Secure ACS.

Note: If you do not configure the administrator user with all privileges, Service Monitor registration with Cisco Secure ACS fails.

Note the username and password for the administrator; you will need to enter them when you change the AAA mode to ACS in Common Services.

2. Add the Service Monitor server to Cisco Secure ACS as a AAA Client.

Configure the Service Monitor server as a AAA client in Cisco Secure ACS and do the following:

Select authentication by TACACS+ (Cisco IOS).

Note the shared secret that you enter; you will need to enter it in Common Services when you change the AAA mode to ACS in Common Services.

3. Add the System Identity User and Common Services users to Cisco Secure ACS. You can create a group and add users to it.

4. Note whether the Service Monitor and Common Services applications are already registered with Cisco Secure ACS. To find out, select Shared Profile Components and look for:

Cisco Unified Service Monitor

Common Services

Installation Guide for Cisco Unified Service Monitor

 

OL-25111-01

