Cisco Systems CSACS3415K9

Contents

User Guide for Cisco Secure Access Control System 5.4

OL-26225-01

Configuring a Group Mapping Policy 10-27

Configuring Group Mapping Policy Rule Properties 10-29

Configuring a Session Authorization Policy for Network Access 10-30

Configuring Network Access Authorization Rule Properties 10-32

Configuring Device Administration Author ization Policies 10-33

Configuring Device Administration Authorization Rule Properties 10-34

Configuring Device Administration Authorization Exception Policies 10-34

Configuring Shell/Command Authorization Policies for Device Administration 10-35

Configuring Authorization Exception Policies 10-36

Creating Policy Rules 10-38

Duplicating a Rule 10-39

Editing Policy Rules 10 -39

Deleting Policy Rules 10-40

Configuring Compound Conditions 10-41

Compound Condition Building Blocks 10-41

Types of Compound Conditions 10-42

Using the Compound Expression Builder 10-45

Security Group Access Control Pages 10-46

Egress Policy Matrix Page 10-46

Editing a Cell in the Egress Policy Matrix 10-47

Defining a Default Policy for Egress Policy Page 10-47

NDAC Policy Page 10-48

NDAC Policy Properties Page 10-49

Network Device Access EAP-FAST Settings Page 10-51

Maximum User Sessions 10-51

Max Session User Settings 10-52

Max Session Group Settings 10-52

Max Session Global Setting 10-53

Purging User Sessions 10-54

Maximum User Session in Distributed Environment 10-55

Maximum User Session in Proxy Scenario 10-56

CHAPTER

11 Monitoring and Reporting in ACS 11-1

Authentication Records and Details 11-2

Dashboard Pages 11-2

Working with Portlets 11-4

Working with Authentication Lookup Portlet 11-5

Running Authentication Lookup Report 11-6

Configuring Tabs in the Dashboard 11-6