Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
15-10
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 15 Managing Firewall AAA Rules
AAA Rules Page
AAA Rules Page
Use the AAA Rules page to configure AAA rules for device interfaces. AAA rules configure network
access control (called authentication proxy on IOS devices), which forces the user to authenticate when
attempting network connections that traverse the device. Authenticated traffic can also be required to
undergo authorization (where after the user enters a valid user name and password, the AAA server is
checked to verify that the user is authorized for network access). You can also configure accounting
rules, even for unauthenticated traffic, to provide information you can use for billing, security, and
resource allocation purposes.
Note With the release of Security Manager 4.4 and versions 9.0 and higher of the ASA, the separate policies
and objects for configuring IPv4 and IPv6 AAA rules were “unified,” meaning one set of AAA rules in
which you can use either IPv4 or IPv6 addresses, or a mixture of both. (See Policy Object Changes in
Security Manager 4.4, page 1-9 for additional information.) In Policy view, IPv4 and unified versions of
the AAA policy type are provided. In addition, a utility that you can use to convert existing IPv4 policies
is provided (see Converting IPv4 Rules to Unified Rules, page 12-28). The following descriptions apply
to apply to all versions of the AAA rule table, except where noted.
AAA rule configuration is complex and differs significantly based on the operating system. Carefully
read the following topics before configuring AAA rules:
Understanding AAA Rules, page 15-1
Understanding How Users Authenticate, page 15-2
Configuring AAA Rules for ASA, PIX, and FWSM Devices, page 15-4
Configuring AAA Rules for IOS Devices, page 15-7
Tip Disabled rules are shown with hash marks covering the table row. When you deploy the configuration,
disabled rules are removed from the device. For more information, see Enabling and Disabling Rules,
page 12-20.
Navigation Path
To access the AAA Rules page, do one of the following:
(Device view) Select a device, then select Firewall > AAA Rules from the Policy selector.
(Policy view) Select Firewall > AAA Rules from the Policy Type selector. Create a new policy or
select an existing one.
(Map view) Right-click a device and select Edit Firewall Policies > AAA Rules.
Related Topics.
Adding and Removing Rules, page 12-9
Editing Rules, page 12-9
Moving Rules and the Importance of Rule Order, page 12-19
Using Sections to Organize Rules Tables, page 12-20
Using Rules Tables, page 12-7
Filtering Tables, page 1-45