Support User Manuals

Cisco Systems OL-24201-01 Camera Accessories User Manual

Open as PDF

of 650

10-23

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01

Chapter 10 Managing Access Policies

Configuring Access Service Policies

Viewing Rules-Based Identity Policies

Select Access Policies > Access Services > service > Identity, where <service> is the name of the

access service.

By default, the Simple Identity Policy page appears with the fields described in Table 10-9. If

configured, the Rules-Based Identity Policy page appears with the fields described in Table 10-10:

To configure a rule-based policy, see these topics:

Table 10-10 Rule-based Identity Policy Page

Option Description

Policy type Defines the type of policy to configure:

• Simple—Specifies the results to apply to all requests.

• Rule-based—Configure rules to apply different results depending on the request.

Caution If you switch between policy types, you will lose your previously saved policy

configuration.

Status The current status of the rule. The rule statuses are:

• Enabled—The rule is active.

• Disabled—ACS does not apply the results of the rule.

• Monitor—The rule is active, but ACS does not apply the results of the rule. Results such as

hit count are written to the log, and the log entry includes an identification that the rule is

monitor only. The Monitor option is especially useful for watching the results of a new rule.

Name Rule name.

Conditions Conditions that determine the scope of the policy. This column displays all current conditions in

subcolumns.

Results Identity source that is used for authentication as a result of the evaluation of the rule.

Hit Count Number of times that the rule is matched. Click the Hit Count button to refresh and reset this

column.

Default Rule ACS applies the Default rule when:

• Enabled rules are not matched.

• No other rules are defined.

Click the link to edit the Default Rule. You can edit only the results of the Default Rule; you

cannot delete, disable, or duplicate it.

Customize button Opens the Customize page in which you choose the types of conditions to use in policy rules. A

new Conditions column appears in the Policy page for each condition that you add.

Caution If you remove a condition type after defining rules, you will lose any conditions that

you configured for that condition type.

Hit Count button Opens a window that enables you to reset and refresh the Hit Count display in the Policy page.

See Displaying Hit Counts, page 10-10.

previous next