Cisco Systems OL-24201-01 Camera Accessories User Manual


 
10-37
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 10 Managing Access Policies
Configuring Access Service Policies
Creating Policy Rules
When you create rules, remember that the order of the rules is important. When ACS encounters a match
as it processes the request of a client that tries to access the ACS network, all further processing stops
and the associated result of that match is found. No further rules are considered after a match is found.
The Default Rule provides a default policy in cases where no rules are matched or defined. You can edit
the result of a default rule.
Before You Begin
Configure the policy conditions and results. See Managing Policy Conditions, page 9-1.
Select the types of conditions and results that the policy rules apply. See Customizing a Policy,
page 10-4.
To create a new policy rule:
Step 1 Select Access Policies > Service Selection Policy service > policy, where service is the name of the
access service, and policy is the type of policy. If you:
Previously created a rule-based policy, the Rule-Based Policy page appears, with a list of configured
rules.
Have not created a rule-based policy, the Simple Policy page appears. Click Rule-Based.
Step 2 In the Rule-Based Policy page, click Create.
The Rule page appears.
Step 3 Define the rule.
Step 4 Click OK
The Policy page appears with the new rule.
Step 5 Click Save Changes to save the new rule.
To configure a simple policy to use the same result for all requests that an access service processes, see:
Viewing Identity Policies, page 10-21
Configuring a Group Mapping Policy, page 10-26
Configuring a Session Authorization Policy for Network Access, page 10-29
Configuring a Session Authorization Policy for Network Access, page 10-29
Configuring Shell/Command Authorization Policies for Device Administration, page 10-34
Related Topics
Duplicating a Rule, page 10-38
Editing Policy Rules, page 10-38
Deleting Policy Rules, page 10-39