Contents
ix
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Groups and Attributes Mapping 8-58
RADIUS Identity Store in Identity Sequence 8-59
Authentication Failure Messages 8-59
Username Special Format with Safeword Server 8-59
User Attribute Cache 8-60
Creating, Duplicating, and Editing RADIUS Identity Servers 8-60
Configuring CA Certificates 8-65
Adding a Certificate Authority 8-66
Editing a Certificate Authority and Configuring Certificate Revocation Lists 8-67
Deleting a Certificate Authority 8-68
Exporting a Certificate Authority 8-69
Configuring Certificate Authentication Profiles 8-69
Configuring Identity Store Sequences 8-71
Creating, Duplicating, and Editing Identity Store Sequences 8-71
Deleting Identity Store Sequences 8-73
CHAPTER
9 Managing Policy Elements 9-1
Managing Policy Conditions 9-1
Creating, Duplicating, and Editing a Date and Time Condition 9-3
Creating, Duplicating, and Editing a Custom Session Condition 9-5
Deleting a Session Condition 9-6
Managing Network Conditions 9-6
Importing Network Conditions 9-8
Exporting Network Conditions 9-9
Creating, Duplicating, and Editing End Station Filters 9-9
Creating, Duplicating, and Editing Device Filters 9-12
Creating, Duplicating, and Editing Device Port Filters 9-14
Managing Authorizations and Permissions 9-17
Creating, Duplicating, and Editing Authorization Profiles for Network Access 9-18
Specifying Authorization Profiles 9-19
Specifying Common Attributes in Authorization Profiles 9-19
Specifying RADIUS Attributes in Authorization Profiles 9-21
Creating and Editing Security Groups 9-23
Creating, Duplicating, and Editing a Shell Profile for Device Administration 9-23
Defining General Shell Profile Properties 9-25
Defining Common Tasks 9-25
Defining Custom Attributes 9-28
Creating, Duplicating, and Editing Command Sets for Device Administration 9-28
Creating, Duplicating, and Editing Downloadable ACLs 9-31