Filter
Top Products
Chapter 10 Setting Up and Managing Administrators and Policy
Session Policy
10-14
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
• Allow Automatic Local Login—Enables administrators to start an
administrative session without logging in if they are using a browser on the
Cisco Secure ACS server. Local administrative sessions with automatic local
login are recorded in the Administrative Audit report with the administrator
name “local_login”.
Note If there are no administrator accounts defined, no administrator name
and password is required to access Cisco Secure ACS locally. This
prevents you from accidentally locking yourself out of
Cisco Secure ACS.
• Respond to Invalid IP Address Connections—Enables an error message in
response to attempts to start a remote administrative session using an IP
address that is invalid according to the IP address ranges configured in
Access Policy. Disabling this option can help prevent unauthorized users
from discovering your Cisco Secure ACS server.
• Lock out Administrator after x successive failed attempts—Enables
Cisco Secure ACS to lock out an administrator after the number of successive
failed login attempts specified in the x box. A value of 0 (zero) in the x box
allows unlimited successive administrative login failures. If this check box is
selected, the x box cannot be set to zero.
Setting Up Session Policy
For information about session policy options, see “Session Policy Options”
section on page 10-13.
To setup Cisco Secure ACS Session Policy, follow these steps:
Step 1 In the navigation bar, click Administration Control.
Result: Cisco Secure ACS displays the Administration Control page.
Step 2 Click Session Policy.
Result: The Session Policy Setup page appears.
Step 3 To define the number of minutes of inactivity after which Cisco Secure ACS ends
an administrative session, in the Session idle timeout (minutes) box, type the
number of minutes.