User's Manual

ManualsBrandsCisco Systems ManualsCamera AccessoriesCisco Systems OL-24201-01

241

242

243

244

245

246

247

248

249

250

9-17

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01

Chapter 9 Managing Policy Elements

Managing Authorizations and Permissions

Defining NDG-Based Device Port Filters

You can create, duplicate, and edit the network device group type and the port to which you want to

permit or deny access. To do this:

Step 1 From the Network Device Group tab, do one of the following:

• Click Create.

• Check the check box next to the NDG-based device port filter that you want to duplicate, then click

Duplicate.

• Check the check box next to the NDG-based device port filter that you want to edit, then click Edit.

A dialog box appears.

Step 2 Click Select to choose the network device group type that you want to filter.

Step 3 Click Select to choose the network device group value that you want to filter.

Step 4 Check the Port check box and enter the port number.

Step 5 Click OK.

Related Topics

• Managing Network Conditions, page 9-6

• Creating, Duplicating, and Editing Device Filters, page 9-12

• Defining IP Address-Based Device Filters, page 9-13

• Defining Name-Based Device Filters, page 9-13

Managing Authorizations and Permissions

You define authorizations and permissions to determine the results associated with a specific policy rule.

You can define:

• Authorization profiles for network access authorization (for RADIUS).

• Shell profiles for TACACS+ shell sessions and command sets for device administration.

• Downloadable ACLs.

• Security groups and security group ACLs for Cisco Security Group Access. See ACS and Cisco

Security Group Access, page 4-23, for information on configuring these policy elements.

These topics describe how to manage authorizations and permissions:

• Creating, Duplicating, and Editing Authorization Profiles for Network Access, page 9-18

• Creating and Editing Security Groups, page 9-23

• Creating, Duplicating, and Editing a Shell Profile for Device Administration, page 9-23

• Creating, Duplicating, and Editing Command Sets for Device Administration, page 9-28

• Creating, Duplicating, and Editing Downloadable ACLs, page 9-31

• Deleting an Authorizations and Permissions Policy Element, page 9-32

• Configuring Security Group Access Control Lists, page 9-33