Configuring a Policy-Next Steps, 10-5 | Cisco Systems OL-24201-01

Chapter 10 Managing Access Policies

Configuring the Service Selection Policy

If you have implemented Security Group Access functionality, you can also customize results for authorization policies.

Caution If you have already defined rules, be certain that a rule is not using any condition that you remove when customizing conditions. Removing a condition column removes all configured conditions that exist for that column.

To customize a policy:

Step 1 Open the Policy page that you want to customize. For:

•The service selection policy, choose Access Policies > Service Selection Policy.

•An access service policy, choose Access Policies > Access Services > service > policy, where service is the name of the access service, and policy is the name of the policy that you want to customize.

Step 2 In the Policy page, click Customize.

A list of conditions appears. This list includes identity attributes, system conditions, and custom conditions.

Note Identity-related attributes are not available as conditions in a service selection policy.

Step 3 Move conditions between the Available and Selected list boxes.

Step 4 Click OK

The selected conditions now appear under the Conditions column.

Step 5 Click Save Changes.

Configuring a Policy—Next Steps

•Configuring the Service Selection Policy, page 10-5

•Configuring Access Service Policies, page 10-21

Configuring the Service Selection Policy

The service selection policy determines which access service processes incoming requests. You can configure a simple policy, which applies the same access service to all requests; or, you can configure a rule-based service selection policy.

In the rule-based policy, each service selection rule contains one or more conditions and a result, which is the access service to apply to an incoming request. You can create, duplicate, edit, and delete rules within the service selection policy, and you can enable and disable them.

This section contains the following topics:

•Configuring a Simple Service Selection Policy, page 10-6

•Creating, Duplicating, and Editing Service Selection Rules, page 10-8

	User Guide for Cisco Secure Access Control System 5.3
	User Guide for Cisco Secure Access Control System 5.3
OL-24201-01		10-5
OL-24201-01		10-5

Cisco Systems OL-24201-01 manual Configuring the Service Selection Policy, 10-5

Models: OL-24201-01

Step 5 Click Save Changes.

Configuring a Policy—Next Steps

Configuring the Service Selection Policy

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01

10-5