Cisco Systems 4.2 Server User Manual


 
Contents
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Deploying ACS in a NAC/NAP Environment
Additional Topics
Remote Access Policy
Security Policy
Administrative Access Policy
Separation of Administrative and General Users
Database Considerations
Number of Users
Type of Database
Network Latency and Reliability

CHAPTER 3 Configuring New Features in ACS 4.2
New Global EAP-FAST Configuration Options
Disabling of EAP-FAST PAC Processing in Network Access Profiles
Disabling NetBIOS
Configuring ACS 4.2 Enhanced Logging Features
Configuring Group Filtering at the NAP Level
Option to Not Log or Store Dynamic Users
Active Directory Multi-Forest Support
Configuring Syslog Time Format in ACS 4.2
RSA Support on the ACS SE
Purging the RSA Node Secret File
Configuring RSA SecurID Token and LDAP Group Mapping
Turning Ping On and Off

CHAPTER 4 Using RDBMS Synchronization to Create dACLs and Specify Network Configuration
New RDBMS Synchronization Features in ACS Release 4.2
Using RDBMS Synchronization to Configure dACLs
Step 1: Enable dACLs
Step 2: Create a Text File to Define the dACLs
Step 3: Code an accountActions File to Create the dACL and Associate a User or Group with the dACL
Sample accountActions CSV File
Step 4: Configure RDBMS Synchronization to Use a Local CSV File
Step 5: Perform RDBMS Synchronization
Running RDBMS Synchronization from the ACS GUI
Running CSDBSync Manually to Create the dACLs
Performing RDBMS Synchronization Using a Script