Appendix C Security Configuration with Cisco Secure ACS

Common Services Local Login Module Authentication Roles

Note The Service Monitor integration with Cisco Secure ACS does not enable you to selectively filter out specific devices. For example, a user in a role that includes the task:

Data Source Credentials: add, edit and verifyCan add, edit, or verify credentials in Service Monitor for any NAM or any Unified Communications Manager.

Cisco 1040: view details—Can view details from Service Monitor for any Cisco 1040.

Common Services Local Login Module Authentication Roles

Common Services login modules enable you to use a source other than the native mechanism for authentication, that is the Common Services Local login module.

After you authenticate, authorization is controlled by your role. A role is a set of tasks that you have the privilege to perform. By default, the Common Services Local login module authorization scheme has six roles. Roles are listed in Table C-1from least privileged to most privileged.

Table C-1 Common Services User Roles and Privileges

Role

Description

Non-ACS Mode—Common Services Local Login Module

Help Desk

Privileges to view some information in Service Monitor and Common

 

Services.

 

Example: Generate and view reports and view details for Cisco 1040.

 

(Cannot perform modifications.)

 

 

Network Operator

Privilege to perform all Service Monitor tasks and some Common Services

 

tasks.

 

Example: Set up Service Monitor; add, modify, verify data source

 

credentials.

 

 

Network Administrator

Privilege to perform all Service Monitor tasks and several Common

 

Services tasks. User can also perform Network Operator tasks.

 

Example: Same as Network Operator.

 

 

System Administrator

Privilege to perform all system administration tasks.

 

Example: Enable and disable debugging; set logging level.

 

 

Super Admin

This role is not supported in Service Monitor.

 

 

For tasks that are defined for Service Monitor and Common Services and the roles with privileges to perform the tasks, see the Permission Report in Common Services. (Select Administration > Server

Administration (Common Services) > Reports > Permission Report > Generate Report.)

Note For more information, see Common Services online help.

We recommend that you do not modify the default Common Services roles. However, you can create your own custom roles for Service Monitor on Cisco Secure ACS.

Installation Guide for Cisco Unified Service Monitor

 

C-2

OL-25111-01

 

 

 

Page 64
Image 64
Cisco Systems OL-25111-01 manual Common Services Local Login Module Authentication Roles, Role Description

OL-25111-01 specifications

Cisco Systems OL-25111-01 is a comprehensive online training course designed to enhance the knowledge and skills of IT professionals in managing Cisco networking environments. This course covers a wide array of topics that are essential for anyone aiming to achieve proficiency in Cisco technologies and solutions.

One of the main features of the OL-25111-01 course is its structured curriculum, which is tailored to provide a step-by-step learning experience. It delves into crucial aspects such as Cisco architecture, access control lists (ACLs), and the fundamentals of routing and switching. These foundational elements form the backbone of Cisco networking and are vital for configuring and managing network devices effectively.

The course places a significant emphasis on hands-on experience through virtual labs, allowing participants to practice real-world networking scenarios. This practical approach is invaluable for reinforcing theoretical knowledge and preparing students for real-world challenges. Moreover, the course offers guidance on troubleshooting, ensuring that learners are equipped to identify and resolve network issues proficiently.

Another notable aspect of OL-25111-01 is its focus on Cisco's latest technologies. This includes insights into Software-Defined Networking (SDN), network automation, and security measures that are essential in today’s cyber landscape. By integrating modern technologies into the curriculum, Cisco ensures that participants remain competitive in an ever-evolving industry.

The training also incorporates an interactive format, featuring quizzes and assessments that help reinforce learning. Feedback mechanisms are built into the course, allowing participants to identify areas for improvement and solidify their understanding of complex concepts. This adaptive learning environment facilitates a deeper comprehension of Cisco's networking principles.

Furthermore, Cisco Systems OL-25111-01 is aligned with industry certification programs, making it an excellent preparatory tool for professionals seeking to obtain Cisco certifications. The course is designed to enhance career advancement opportunities by providing the requisite knowledge and skills that employers seek.

In summary, Cisco Systems OL-25111-01 is an essential training resource for IT professionals aiming to excel in Cisco networking. With its comprehensive curriculum, practical labs, focus on modern technologies, and alignment with certification programs, this course equips learners with the tools they need to succeed in a competitive job market. Whether you are a seasoned IT professional or a newcomer to the field, this course serves as a valuable stepping stone in your networking career.