Cisco Systems ASA 5580 Network Router User Manual

Open as PDF

of 2086

70-25

Cisco ASA 5500 Series Configuration Guide using ASDM

Chapter 70 Configuring Dynamic Access Policies

Configuring Endpoint Attributes Used in DAPs

Guidelines

You can create multiple instances of each type of endpoint attribute. For each of these types, you need

to decide whether the DAP policy should require that the user have all instances of a type (Match all =

AND) or only one of them (Match Any = OR).

To set this value, after you have defined all instances of the endpoint attribute, click the Logical Op.

button and select the Match Any or Match All button. If you do not specify a Logical Operation, Match

Any is used by default.

Detailed Steps

Step 1 In the Endpoint Attribute Type list box, select NAC.

Step 2 Check the Posture Status checkbox and set the operation field to be equal to (=) or not equal to (!=) the

posture token string received by ACS. Enter the posture token string in the Posture Status text box.

Step 3 Click OK.

Step 4 Return to Configuring Dynamic Access Policies, page 70-10.

Additional References

See Endpoint Attribute Definitions, page 70-29 for additional information on the NAC endpoint attribute

requirements.

Adding an Operating System Endpoint Attribute to a DAP

Prerequisites

Configuring Operating System endpoint attributes as selection criteria for DAP records is part of a

larger process. Read Configuring Dynamic Access Policies, page 70-10 before you configure Operating

System endpoint attributes.

Detailed Steps

Step 1 In the Endpoint Attribute Type list box, select Operating System.

Step 2 Check the OS Version checkbox and set the operation field to be equal to (=) or not equal to (!=) the

Windows, Mac, or Linux operating system you set in the OS Version list box.

Step 3 Check the OS Update checkbox and set the operation field to be equal to (=) or not equal to (!=) the

Windows, Mac, or Linux service pack for the operating system you enter in the OS Update text box.

Step 4 Click OK.

Step 5 Return to Configuring Dynamic Access Policies, page 70-10.

Additional References

See Endpoint Attribute Definitions, page 70-29 for additional information on the Operating System

endpoint attribute requirements.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems ASA 5580 Network Router User Manual