Filter
Top Products
216 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
Configuring the administrative interface to Cisco Secure ACS
By default, not all features and options of the Cisco Secure ACS administrator
interface are enabled. The advanced features required by the IBM Integrated
Security Solution for Cisco Networks are not used in common Cisco Secure ACS
deployments. For our solution some of these features must be activated. They
are used by Cisco Secure ACS to communicate enforcement actions to the NAD.
To enable the appearance of the enforcement action interface in the Cisco
Secure ACS administrator interface, perform the following steps:
1. Click Interface Configuration on the Cisco Secure ACS main menu.
2. Click Advanced Options (Figure 7-2) at the bottom of the list of options.
Figure 7-2 Interface Configuration main menu
3. This opens the window in Figure 7-3 on page 217. Under Advanced
Options, select:
– Group-Level downloadable ACLs
This enables the appearance of the downloadable ACLs option in the
Shared Profile Components and Group Setup interfaces. These are used
to cause Cisco Secure ACS to send dynamic access control lists to the
NAD to be applied on a client undergoing NAC.