Cisco Systems OL-24201-01 Camera Accessories User Manual


 
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4 Common Scenarios Using ACS
Overview of Device Administration
Step 5 Configure an access service policy. See Access Service Policy Creation, page 10-4.
Step 6 Configure a service selection policy. See Service Selection Policy Creation, page 10-4.
Step 7 Configure an authorization policy (rule table). See Configuring a Session Authorization Policy for
Network Access, page 10-29.
Command Authorization
This topic describes the flow for an administrator to issue a command to a network device.
Note: The device administration command flow is available for the TACACS+ protocol only.
1. An administrator issues a command to a network device.
2. The network device sends an access request to ACS.
3. ACS optionally uses an identity store (external Lightweight Directory Access Protocol [LDAP],
Active Directory, RADIUS Identity Server, or internal ACS identity store) to retrieve user attributes
which are included in policy processing.
4. The response indicates whether the administrator is authorized to issue the command.
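The request in item 2 and the response in item 4 can be seen at the byte level in the following added example, which is not part of the Cisco guide and is not ACS code. It follows the TACACS+ authorization message layout in RFC 8907 and works on the cleartext body, before the shared-secret obfuscation is applied. The function names and sample values are assumptions made for illustration.

```python
import struct

# Field values from RFC 8907 (TACACS+); function names here are illustrative.
METH_TACACSPLUS, TYPE_ASCII, SVC_LOGIN = 0x06, 0x01, 0x01
AUTHOR_STATUS = {0x01: "PASS_ADD", 0x02: "PASS_REPL", 0x10: "FAIL",
                 0x11: "ERROR", 0x21: "FOLLOW"}

def build_author_request(user, port, rem_addr, command, priv_lvl=15):
    """Flow item 2: cleartext body a device sends when `user` enters `command`."""
    verb, *rest = command.split()
    # Assumption: the device ends the argument list with cmd-arg=<cr>.
    args = ["service=shell", f"cmd={verb}", *(f"cmd-arg={a}" for a in rest), "cmd-arg=<cr>"]
    fields = [s.encode() for s in (user, port, rem_addr)]
    enc_args = [a.encode() for a in args]
    if any(len(x) > 255 for x in fields + enc_args) or len(enc_args) > 255:
        raise ValueError("field does not fit a one-byte length")
    head = struct.pack("8B", METH_TACACSPLUS, priv_lvl, TYPE_ASCII, SVC_LOGIN,
                       *(len(f) for f in fields), len(enc_args))
    return head + bytes(len(a) for a in enc_args) + b"".join(fields + enc_args)

def parse_author_request(body):
    """Server side: recover user and command; reject inconsistent lengths."""
    if len(body) < 8:
        raise ValueError("truncated fixed header")
    _, priv, _, _, ulen, plen, rlen, argc = struct.unpack("8B", body[:8])
    arg_lens = body[8:8 + argc]
    if len(arg_lens) != argc or 8 + argc + ulen + plen + rlen + sum(arg_lens) != len(body):
        raise ValueError("length fields do not match body size")
    pos, out = 8 + argc, []
    for n in (ulen, plen, rlen, *arg_lens):
        out.append(body[pos:pos + n].decode("utf-8", "replace"))
        pos += n
    user, port, rem_addr, *args = out
    words = [a.split("=", 1)[1] for a in args if a.startswith(("cmd=", "cmd-arg="))]
    return {"user": user, "priv_lvl": priv, "port": port, "rem_addr": rem_addr,
            "command": " ".join(w for w in words if w != "<cr>")}

def parse_author_reply_status(body):
    """Flow item 4: the first byte of the REPLY body is the authorization status."""
    if len(body) < 6:
        raise ValueError("truncated reply")
    return AUTHOR_STATUS.get(body[0], f"UNKNOWN(0x{body[0]:02x})")

# Constructed sample values, not taken from a real device or ACS deployment.
REQ = build_author_request("alice", "tty1", "192.0.2.10", "show running-config")
if __name__ == "__main__":
    print(parse_author_request(REQ))
```

The length check in the parser matters when reviewing captured or logged requests: a body whose length fields do not add up to its size should be rejected rather than partially decoded.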
To configure a command authorization policy (device administration rule table) to allow an
administrator to issue commands to a network device:
Step 1 Configure the TACACS+ protocol global settings and user authentication option. See Configuring
TACACS+ Settings, page 18-1.
Step 2 Configure network resources. See Network Devices and AAA Clients, page 7-5.
Step 3 Configure the users and identity stores. See Managing Internal Identity Stores, page 8-4 or Managing
External Identity Stores, page 8-22.
Step 4 Configure command sets according to your needs. See Creating, Duplicating, and Editing Command
Sets for Device Administration, page 9-28.
Step 5 Configure an access service policy. See Access Service Policy Creation, page 10-4.
Step 6 Configure a service selection policy. See Service Selection Policy Creation, page 10-4.
Step 7 Configure an authorization policy (rule table). See Configuring Shell/Command Authorization Policies
for Device Administration, page 10-34.
Related Topics
Network Devices and AAA Clients, page 7-5
Configuring System Administrators and Accounts, page 16-3
Managing Users and Identity Stores, page 8-1
Managing External Identity Stores, page 8-22
Managing Policy Conditions, page 9-1
Managing Access Policies, page 10-1