Cisco Systems OL-24201-01 Camera Accessories User Manual


 
Contents
iv
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Policy Terminology 3-3
Simple Policies 3-4
Rule-Based Policies 3-4
Types of Policies 3-5
Access Services 3-6
Identity Policy 3-9
Group Mapping Policy 3-11
Authorization Policy for Device Administration 3-11
Processing Rules with Multiple Command Sets 3-11
Exception Authorization Policy Rules 3-12
Service Selection Policy 3-12
Simple Service Selection 3-12
Rules-Based Service Selection 3-13
Access Services and Service Selection Scenarios 3-13
First-Match Rule Tables 3-14
Policy Conditions 3-16
Policy Results 3-16
Authorization Profiles for Network Access 3-16
Processing Rules with Multiple Authorization Profiles 3-17
Policies and Identity Attributes 3-17
Policies and Network Device Groups 3-18
Example of a Rule-Based Policy 3-18
Flows for Configuring Services and Policies 3-19
CHAPTER
4 Common Scenarios Using ACS 4-1
Overview of Device Administration 4-2
Session Administration 4-3
Command Authorization 4-4
TACACS+ Custom Services and Attributes 4-5
Password-Based Network Access 4-5
Overview of Password-Based Network Access 4-5
Password-Based Network Access Configuration Flow 4-7
Certificate-Based Network Access 4-9
Overview of Certificate-Based Network Access 4-9
Using Certificates in ACS 4-10
Certificate-Based Network Access for EAP-TLS 4-10
Authorizing the ACS Web Interface from Your Browser Using a Certificate 4-11
Validating an LDAP Secure Authentication Connection 4-12