Filter
Top Products
3-14
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 3 ACS 5.x Policy Model
Service Selection Policy
In this example, instead of creating the network access policy for 802.1x, agentless devices, and guest
access in one access service, the policy is divided into three access services.
First-Match Rule Tables
ACS 5.3 provides policy decisions by using first-match rule tables to evaluate a set of rules. Rule tables
contain conditions and results. Conditions can be either simple or compound. Simple conditions consist
of attribute operator value and are either True or False. Compound conditions contain more complex
conditions combined with AND or OR operators. See Policy Conditions, page 3-16 for more
information.
The administrator selects simple conditions to be included in a policy. The conditions are displayed as
columns in a rule table where the column headings are the condition name, which is usually the name of
the attribute.
The rules are displayed under the column headings, and each cell indicates the operator and value that
are combined with the attribute to form the condition. If ANY Figure 3-1 shows a column-based rule table
with defined condition types.
Figure 3-1 Example Policy Rule Table