Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
15-11
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 15 Managing Firewall AAA Rules
AAA Rules Page
Field Reference
Table 15-1 AAA Rules Page
Element Description
Expand all rows/Collapse all
rows
Use these buttons to expand or collapse all sections in the rules table.
Note The buttons are located in the upper-right corner of the Filter
area above the access rules table.
Conflict Indicator icons Identifies conflicts and provides a quick visual representation of the
type of conflict. For more details, including types of conflicts and the
actions you can take from this column, see Understanding the
Automatic Conflict Detection User Interface, page 16-27.
No. The ordered rule number.
Permit Whether the defined traffic will be subject to the rule (Permit) or
exempted from the rule (Deny):
Permit—Shown as a green check mark.
Deny—Shown as a red circle with slash.
Sources The sources of traffic for this rule; can be networks, security groups
(ASA 9.0+ only), and users. Multiple entries are displayed on separate
lines within the table cell.
Destinations The destinations for this rule; can be networks and security groups
(ASA 9.0+ only). Multiple entries are displayed on separate lines
within the table cell.
Service The services or service objects that specify the protocol and port of the
traffic to which the rule applies. Multiple entries are displayed on
separate lines within the table cell. See Understanding and Specifying
Services and Service and Port List Objects, page 6-86.
Interface The interfaces or interface roles to which the rule is assigned. Interface
role objects are replaced with the actual interface names when the
configuration is generated for each device. Multiple entries are
displayed as separate subfields within the table cell. See Understanding
Interface Role Objects, page 6-67.
Action The type of AAA control defined by this rule:
Authenticate—Users making connections through the device must
authenticate with their username and password. Protocols
requiring authentication are defined by the Service field (for
ASA/PIX/FWSM devices) or the AuthProxy methods (for IOS
devices).
Authorize—Authenticated users are also checked with the AAA
server to ensure that they are authorized to make the connection
(ASA/PIX/FWSM only).
Account—Accounting records for the identified traffic are sent to
the AAA server (ASA/PIX/FWSM only).
You can right-click the Action cell in an existing AAA rule and choose
Edit Action to change your selections. See Edit AAA Option Dialog
Box, page 15-18 for more information.