Chapter 9 Managing Policy Elements

Managing Authorizations and Permissions

Defining NDG-Based Device Port Filters

You can create, duplicate, and edit the network device group type and the port to which you want to permit or deny access. To do this:

Step 1 From the Network Device Group tab, do one of the following:

Click Create.

Check the check box next to the NDG-based device port filter that you want to duplicate, then click Duplicate.

Check the check box next to the NDG-based device port filter that you want to edit, then click Edit. A dialog box appears.

Step 2 Click Select to choose the network device group type that you want to filter.

Step 3 Click Select to choose the network device group value that you want to filter.

Step 4 Check the Port check box and enter the port number.

Step 5 Click OK.

Related Topics

Managing Network Conditions, page 9-6

Creating, Duplicating, and Editing Device Filters, page 9-12

Defining IP Address-Based Device Filters, page 9-13

Defining Name-Based Device Filters, page 9-13

Managing Authorizations and Permissions

You define authorizations and permissions to determine the results associated with a specific policy rule. You can define:

Authorization profiles for network access authorization (for RADIUS).

Shell profiles for TACACS+ shell sessions and command sets for device administration.

Downloadable ACLs.

Security groups and security group ACLs for Cisco Security Group Access. See ACS and Cisco Security Group Access, page 4-23, for information on configuring these policy elements.

These topics describe how to manage authorizations and permissions:

Creating, Duplicating, and Editing Authorization Profiles for Network Access, page 9-18

Creating and Editing Security Groups, page 9-23

Creating, Duplicating, and Editing a Shell Profile for Device Administration, page 9-23

Creating, Duplicating, and Editing Command Sets for Device Administration, page 9-28

Creating, Duplicating, and Editing Downloadable ACLs, page 9-31

Deleting an Authorizations and Permissions Policy Element, page 9-32

Configuring Security Group Access Control Lists, page 9-33

 

 

User Guide for Cisco Secure Access Control System 5.3

 

 

 

 

 

 

OL-24201-01

 

 

9-17

 

 

 

 

 

Page 246 Page 248
Page 247
Image 247
Cisco Systems OL-24201-01 manual Managing Authorizations and Permissions, Defining NDG-Based Device Port Filters
Page 246 Page 248
Top Page Image Contents