Chapter 10 Managing Access Policies

Security Group Access Control Pages

Table 10-27 Rule-Based NDAC Policy Page

Option / Description

Policy type

Defines the type of policy to configure:

Simple—Specifies the result to apply to all requests.

Rule-based—Configure rules to apply different results depending on the request.

If you switch between policy types, you will lose your previously saved policy configuration.

Status

Rule statuses are:

Enabled—The rule is active.

Disabled—ACS does not apply the results of the rule.

Monitor—The rule is active, but ACS does not apply the results of the rule. Results such as hit count are written to the log, and the log entry includes an identification that the rule is monitor only. The monitor option is especially useful for watching the results of a new rule.

Name

Name of the rule. The Default Rule is available for conditions for which:

Enabled rules are not matched.

Rules are not defined.

Click a link to edit or duplicate a rule.

You can edit the Default Rule but you cannot delete, disable, or duplicate it.

Conditions

Conditions that you can use to define policy rules. To change the display of rule conditions, click the Customize button. You must have previously defined the conditions that you want to use.

Results

Displays the security group assigned to the device when it matches the corresponding condition.

Hit Count

Number of times that the rule is matched. Click the Hit Count button to refresh and reset this column.

Customize button

Opens the Customize page in which you choose the types of conditions to use in policy rules. A new Conditions column appears in the Policy page for each condition that you add. You do not need to use the same set of conditions as in the corresponding authorization policy.

Caution: If you remove a condition type after defining rules, you will lose any conditions that you configured for that condition type.

Hit Count button

Opens a window that enables you to reset and refresh the Hit Count display in the Policy page. See Displaying Hit Counts, page 10-10.

Related Topics:

Configuring an NDAC Policy, page 4-25

NDAC Policy Properties Page, page 10-48
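The Status values and Default Rule behavior from Table 10-27, modeled as an added Python example (not Cisco's code and not part of the guide). It assumes top-down evaluation in which the first matching Enabled rule supplies the result, that evaluation continues past a matching Monitor rule, and that Disabled rules are skipped without counting hits; the rule names, device attributes and security group names are constructed.

```python
from dataclasses import dataclass
from typing import Callable

ENABLED, DISABLED, MONITOR = "Enabled", "Disabled", "Monitor"

@dataclass
class Rule:
    name: str
    status: str
    condition: Callable[[dict], bool]  # hypothetical predicate over device attributes
    result: str                        # security group name (constructed sample value)
    hit_count: int = 0

class RuleBasedPolicy:
    def __init__(self, rules, default_result):
        self.rules = list(rules)
        # The Default Rule is always present and always enabled.
        self.default = Rule("Default", ENABLED, lambda dev: True, default_result)
        self.log = []

    def evaluate(self, device):
        for rule in self.rules:
            # Assumption: a Disabled rule is skipped and records no hit.
            if rule.status == DISABLED or not rule.condition(device):
                continue
            rule.hit_count += 1
            if rule.status == MONITOR:
                # The match is logged and flagged, but the result is not applied.
                self.log.append(f"{rule.name}: matched (monitor only)")
                continue  # assumption: later rules are still evaluated
            self.log.append(f"{rule.name}: matched")
            return rule.result
        # No Enabled rule matched, or no rules are defined.
        self.default.hit_count += 1
        self.log.append("Default: matched")
        return self.default.result

    def reset_hit_counts(self):
        for rule in self.rules + [self.default]:
            rule.hit_count = 0

def build_sample_policy():
    # Constructed sample rules for illustration only.
    return RuleBasedPolicy([
        Rule("LabDevices", MONITOR, lambda d: d.get("location") == "lab", "SG_Lab"),
        Rule("Switches", ENABLED, lambda d: d.get("device_type") == "switch", "SG_Switch"),
        Rule("Routers", DISABLED, lambda d: d.get("device_type") == "router", "SG_Router"),
    ], default_result="SG_Unknown")
```

A new rule left in Monitor status shows up in the hit counts and log, so you can compare what it would have matched against what the enabled rules actually assigned before switching it to Enabled.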

NDAC Policy Properties Page

Use this page to create, duplicate, and edit rules to determine the SGT for a device.

To display this page, choose Access Policies > Security Group Access Control > Network Device Access > Authentication Policy, then click Create, Edit, or Duplicate.

 

User Guide for Cisco Secure Access Control System 5.3

10-48

OL-24201-01
