Chapter 9 Managing Policy Elements

Managing Policy Conditions

Deleting a Session Condition, page 9-6

Managing Network Conditions, page 9-6

See Chapter 3, “ACS 5.x Policy Model” for information about additional conditions that you can use in policy rules, although they are not configurable.

Creating, Duplicating, and Editing a Date and Time Condition

Create date and time conditions to specify time intervals and durations. For example, you can define shifts over a specific holiday period. When ACS processes a rule with a date and time condition, the condition is compared to the date and time information of the ACS instance that is processing the request. Clients that are associated with this condition are subject to it for the duration of their session.

The time on the ACS server is used when making policy decisions. Therefore, ensure that you configure date and time conditions that correspond to the time zone in which your ACS server resides. Your time zone may be different from that of the ACS server.

You can duplicate a session condition to create a new session condition that is the same, or similar to, an existing session condition. After duplication is complete, you access each session condition (original and duplicated) separately to edit or delete them.

To create, duplicate, or edit a date and time condition:

Step 1 Select Policy Elements > Session Conditions > Date and Time.

The Date and Time Conditions page appears.

Step 2 Do one of the following:

Click Create.

Check the check box next to the condition you want to duplicate and click Duplicate.

Click the name that you want to modify; or, check the check box next to the condition that you want to modify and click Edit.

The Date and Time Properties page appears.

Step 3 Enter valid configuration data in the required fields as described in Table 9-1:

Table 9-1

Date and Time Properties Page

Option

Description

General

Name

Enter a name for the date and time condition.

 

 

Description

Enter a description, such as specific days and times of the date and time condition.

 

 

User Guide for Cisco Secure Access Control System 5.3

 

OL-24201-01

9-3

 

 

 

Page 233
Image 233
Cisco Systems OL-24201-01 manual Deleting a Session Condition, Managing Network Conditions