14-27
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 14 Network Admission Control
NAC Policies
Tip If you want to change a rule element that you have already added to the
Rules Elements table, you edit it by selecting the rule element, clicking
remove, editing its attribute, operator, or value, and clicking enter again.
d. Click Submit.
The Policy Configuration page appears again. The new rule appears at the
bottom of the Configurable Rules table.
Tip You can return to the Edit Rule page by clicking the rule.
e. For the new rule, do each of the following:
•Select a result credential type.
•Select a token.
•Type an action.
For more information about tokens, see Posture Tokens, page 14-4.
If the rule matches the posture validation request, Cisco Secure ACS
associates with the policy the result credential type, token, and action that you
specify.
Step 5 After you create the rules required to define the policy, order the rules as needed.
Cisco Secure ACS applies a policy by attempting to match rules in the order they
appear on the Policy Configuration page, from top to bottom. Policy processing
stops upon the first successful rule match, so order is important. To move a rule,
follow these steps:
a. Select the rule. To do so, click the button to the left of the rule.
b. Click the Up or Down button as needed until the rule is positioned where you
want.
Step 6 Configure the Default Rule; in the Default Rule table, do each of the following.
•Select a result credential type.
•Select a token.
•Type an action.