Chapter 7 Managing Network Resources

Network Device Groups

Network Device Groups

In ACS, you can define network device groups (NDGs), which are sets of devices. These NDGs provide logical grouping of devices, for example, Device Location or Type, which you can use in policy conditions.

When the ACS receives a request for a device, the network device groups associated with that device are retrieved and compared against those in the policy table. With this method, you can group multiple devices and assign them the same policies. For example, you can group all devices in a specific location together and assign to them the same policy.

You can define up to 12 network device groups.

The Device Group Hierarchy is the hierarchical structure that contains the network device groups. Two of these, Location and Device Type, are predefined; you cannot change their names or delete them. You can add up to 10 additional hierarchies.

An NDG relates to any node in the hierarchy and is the entity to which devices are associated. These nodes can be any node within the hierarchy, not just leaf nodes.

Note You can have a maximum of six nodes in the NDG hierarchy, including the root node.

Related Topics

Creating, Duplicating, and Editing Network Device Groups, page 7-2

Deleting Network Device Groups, page 7-3

Creating, Duplicating, and Editing Network Device Groups

To create, duplicate, or edit a network device group:

Step 1 Choose Network Resources > Network Device Groups.

The Network Device Groups page appears. If you have defined additional network device groups, they appear in the left navigation pane, beneath the Network Device Groups option.

Step 2 Do any of the following:

Click Create.

Check the check box next to the network device group that you want to duplicate, then click Duplicate.

Click the network device group name that you want to modify, or check the check box next to the name and click Edit.

The Hierarchy - General page appears.

Step 3 Modify the fields in the Hierarchy - General page as described in Table 7-1:

Table 7-1

Device Groups - General Page Field Descriptions

 

 

Field

Description

 

 

Name

Enter a name for the network device group (NDG).

 

 

User Guide for Cisco Secure Access Control System 5.3

7-2

OL-24201-01

 

 

Page 131 Page 133
Page 132
Image 132
Cisco Systems OL-24201-01 manual Creating, Duplicating, and Editing Network Device Groups
Page 131 Page 133
Top Page Image Contents