Device Manager GUI Guide vA4(1.0), Cisco ACE 4700 Series Application Control Engine Appliance
Overview
Downloads: This chapterpdf (PDF - 1.0MB) The complete bookPDF (PDF - 14.92MB) | Feedback

Overview

Table Of Contents

Overview

ACE Appliance Device Manager Overview

Finding Information on CLI Tasks

Logging Into ACE Appliance Device Manager

Changing Your Account Password

ACE Appliance Device Manager Interface Overview

Understanding ACE appliance Device Manager Screens and Menus

Understanding ACE appliance Device Manager Buttons

Understanding Table Buttons

Conventions in Tables

Using the Advanced Editing Option

ACE Appliance Device Manager Screen Conventions

Viewing Monitoring Results

Configuration Overview

Understanding ACE Features

Understanding ACE appliance Device Manager Terminology


Overview


This section contains the following:

ACE Appliance Device Manager Overview

Logging Into ACE Appliance Device Manager

Changing Your Account Password

ACE Appliance Device Manager Interface Overview

Configuration Overview

Understanding ACE Features

Understanding ACE appliance Device Manager Terminology

For more information on how to get started quickly, see the Cisco 4700 Series Application Control Engine Appliance Quick Start Guide.

ACE Appliance Device Manager Overview

The ACE Appliance Device Manager, which resides in flash memory on the ACE appliance, provides a browser-based interface for configuring and managing the ACE appliance. Its intuitive interface combines easy navigation with point-and-click provisioning of services, reducing the complexity of configuring virtual services and multiple feature sets.

ACE appliance Device Manager menus and options:

Supports end-to-end service provisioning of the ACE appliance and any associated virtual contexts, including network access, port management, application acceleration and optimization, load-balancing, SSL management, resource management, and fault tolerance.


Note The DM uses SSH and XML over HTTPS to communicate with the ACE appliance and applying exec mode configuration changes (such as, checkpoint, SSL certificate, license, copy, and backup and restore configurations) to the appliance. By default, SSH is enabled on the appliance. However, ensure that the ssh key rsa 1024 force command is applied on the appliance.


Helps you manage ACE appliance licenses and role-based access control (RBAC).

Provides a monitoring interface with a flexible choice of statistics and graphs.

Enables you report any problem with the ACE appliance using the Lifeline feature, which allows you to forward critical information about the problem to Cisco Technical Support.

Offers task-based context-sensitive help from each screen, providing information about fields on the screen and related procedures.

For more information on how to get started quickly, see the Cisco 4700 Series Application Control Engine Appliance Device Manager GUI Quick Configuration Note.

Finding Information on CLI Tasks

ACE Appliance Device Manager does not include a one-to-one mapping of all the possible command line interface (CLI) tasks for the ACE appliance. Table 1-1 identifies some of the individual tasks to be performed from the CLI and provides a reference to the applicable configuration guide. For tasks not found in this table, see the Cisco 4700 Series Application Control Engine Appliance CLI Quick Configuration Note.

Table 1-1 CLI Documentation References

Task Topic
Related CLI Documentation

ARP, configuring

Cisco 4700 Series Application Control Engine Appliance Routing and Bridging Configuration Guide

Chapter 5, Configuring ARP

Authentication and accounting (AAA) services

Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide

Chapter 2, Configuring Authentication and Accounting Services 

Boot configuration (environment variable)

Cisco 4700 Series Application Control Engine Appliance Administration Guide

Chapter 1, Setting Up the ACE

Date and time (time zone, daylight savings time, clock settings, and NTP)

Cisco 4700 Series Application Control Engine Appliance Administration Guide

Chapter 1, Setting Up the ACE

LDAP directory server

Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide

Chapter 2, Configuring Authentication and Accounting Services 

Message-of-the-day banner

Cisco 4700 Series Application Control Engine Appliance Administration Guide

Chapter 1, Setting Up the ACE

Logging in to the ACE

Cisco 4700 Series Application Control Engine Appliance Administration Guide

Chapter 1, Setting Up the ACE

RADIUS server

Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide

Chapter 2, Configuring Authentication and Accounting Services 

script file 1

Cisco 4700 Series Application Control Engine Appliance Command Reference

SSH management sessions

Cisco 4700 Series Application Control Engine Appliance Administration Guide

Chapter 2, Enabling Remote Access to the ACE

TACACS+ server

Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide

Chapter 2, Configuring Authentication and Accounting Services 

VLAN interfaces, configuring

Cisco 4700 Series Application Control Engine Appliance Routing and Bridging Configuration Guide

Chapter 2, Configuring VLAN Interfaces

1 ACE appliance Device Manager supports the domain object type Script for RBAC configuration. It does not configure the script CLI command. To use the script file command, use the ACE Appliance CLI to load a script into memory on the ACE and enable it for use.



Note When you use the ACE CLI to configure named objects (such as a real server, virtual server, parameter map, class map, health probe, and so on), consider that the Device Manager (DM) supports object names with an alphanumeric string of 1 to 64 characters, which can include the following special characters: underscore (_), hyphen (-), dot (.), and asterisk (*). Spaces are not allowed.

If you use the ACE CLI to configure a named object with special characters that the DM does not support, you may not be able to configure the ACE using DM.


Logging Into ACE Appliance Device Manager

You access ACE appliance Device Manager features and functions through a Web-based interface. The following sections describe logging in, the interface, and terms used in ACE appliance Device Manager.

By default, your ACE provides an Admin context and five user contexts, which allow you to use multiple contexts if you choose to configure them. ACE appliance Device Manager uses Hypertext Transfer Protocol Secure (HTTPS) to securely encrypt HTTP requests and responses.

The ACE appliance Device Manager login screen allows you to:

Log into the ACE appliance Device Manager interface (First Time Login or Logging In as a User)

Change the password for your account (See Changing Your Account Password.)

Obtain online help by clicking Help

We recommend that before you log into the ACE appliance Device Manager that you log in to the ACE appliance CLI and initially configure basic settings on the ACE. See the Cisco 4700 Series Application Control Engine Appliance Administration Guide, Chapter 1, Setting Up the ACE, for details.


Note The DM does not support duplicate management IP addresses in different contexts.


First Time Login

After you perform the initial setup of the ACE appliance using the CLI, use the following procedure to log in the first time.

Procedure


Step 1 Use a Web browser and navigate to the ACE appliance Device Manager login screen by typing the IP address of the management interface configured during initial setup, such as https://192.168.11.1. A security alert screen appears.


Note The DM does not support duplicate management IP addresses in different contexts.


Step 2 We recommend that you view the certificate to confirm it is from Cisco Systems, then click OK or Yes to accept the certificate and proceed to the login screen. The keys you select may be different based on your browser.

Step 3 In the User Name field, type admin.

The admin account was created when the system was installed. Once you are logged in using this account, you can create additional user accounts and manage virtual contexts, roles, and domains. For information on changing account passwords, see Changing User Passwords, page 13-13.

Step 4 In the Password field, type the password for the admin user account, admin. The password for the admin user account was configured when the system was installed. Change the default admin login password as outlined in Changing Your Account Password.


Note All ACE appliances shipped from Cisco Systems are configured with the same administrative username and password. If you do not change the default Admin password, you will only be able to log in to the ACE through the console port.


Step 5 Click Login.

When you log in, the default window that appears is the All Virtual Contexts table (Config > Virtual Contexts) as shown in Figure 1-1.

Step 6 We recommend you change your admin password. See Changing Your Account Password.


Logging In as a User

Procedure


Step 1 Use a Web browser and navigate to the ACE appliance Device Manager login screen by typing the IP address of the management interface of a virtual context you wish to login into, such as https://192.168.11.1. The login screen appears.


Note The DM does not support duplicate management IP addresses in different contexts.


Step 2 To login as a user, enter userid in the User Name field (where userid is the login name provided by your admin).

Step 3 Enter your password and click Login.


Related Topics

Changing Your Account Password

ACE Appliance Device Manager Interface Overview

Managing Users, page 13-7

Managing User Roles, page 13-13

Managing Domains, page 13-31

Changing Your Account Password

All ACE appliances are shipped from Cisco Systems with the same administrative username and password. If you do not change the default Admin password, you will only be able to log in to the ACE through the console port.

Use this procedure to change your account password.

Procedure


Step 1 Using a Web browser, navigate to the ACE appliance Device Manager login screen by typing the IP address of the management interface configured during initial setup, such as https://192.168.11.1. The login screen appears.


Note The DM does not support duplicate management IP addresses in different contexts.


Step 2 In the User Name field, enter your account user name.

Step 3 Click Change Password. The Change Password configuration screen appears.

Step 4 In the User Name field, enter the user name of the account you want to modify.

For a user name in a context other than the Admin context, you must include the context name after the user name in the following format: username@context_name

For example, for the test_1 user name in the C1 context, enter test_1@C1.

Step 5 In the Old Password field, enter the current password for this account.

Step 6 In the New Password field, enter the new password for this account.

Password attributes such as minimum and maximum length or accepted characters are defined at the appliance level. Valid passwords are unquoted text strings with a maximum of 64 characters.

Step 7 In the Confirm New Password field, reenter the new password for this account.

Step 8 Click:

OK to save your entries and to return to the login screen.

Cancel to exit this procedure without saving your entries and to return to the login screen.


Related Topics

Logging Into ACE Appliance Device Manager

ACE Appliance Device Manager Interface Overview

Changing the Admin Password, page 13-13

ACE Appliance Device Manager Interface Overview

When you log into the ACE Appliance Device Manager, the default window that appears is the All Virtual Contexts table (Config > Virtual Contexts) as shown in Figure 1-1. Table 1-2 describes the numbered fields. A description of the buttons in the ACE Appliance Device Manager window are in Table 1-4.

Features that are not accessible from your user login or context due to permission settings will not display or may display grayed out. For more details on roles and features, see Managing User Roles, page 13-13.

Figure 1-1 ACE Appliance Device Manager Interface Components

Table 1-2 ACE appliance Device Manager Interface Components Descriptions

Field
Description

1

Navigation pane, which contains:

The high-level navigation path within the ACE Appliance Device Manager interface, which includes Config, Monitor, and Admin functions. You can click a tab in the navigation path to view the next level of menus below the tabs.

The Logout button.

A Help menu that provides links to context-sensitive help and ACE Appliance Device Manager version information.

2

A second-level navigation path, which contains another level of navigation. Clicking an option in this submenu displays its associated menus in the navigation pane.

3

Third-level navigation pane, which contains additional levels of navigation. Clicking on the menu bar in this pane toggles the task menu display options.

4

Content area, which contains the display and input area of the window. It can include tables, graphical maps, configuration screens, graphs, buttons, or combinations of these items. For a description of buttons, see Table 1-4.

5

Status bar, which displays Device Manager and CLI synchronization information, polling status for a context, and the current date and time of the ACE appliance.

Note Time values are displayed using a fixed time zone (GMT). The Device Manager automatically converts the timezone setting of the ACE appliance to GMT and displays the GMT string adjacent to the current time.


Related Topics

Understanding ACE appliance Device Manager Screens and Menus

Understanding Table Buttons

Understanding ACE appliance Device Manager Screens and Menus

Figure 1-2 contains many common screen elements as described in Table 1-3.

Figure 1-2 Example ACE appliance Device Manager Screen

Table 1-3 Example ACE appliance Device Manager Screen Descriptions

Number
Description

1

The high-level navigation path within the ACE Appliance Device Manager interface, which includes Config, Monitor, and Admin functions. You can click a tab in the navigation path to view the next level of menus below the tabs.

2

Content area. Contains the display and input area of the window. It can include tables, graphical maps, configuration screens, graphs, buttons, or combinations of these items.

3

Content buttons, which are described in Table 1-4.

4

Object selector. Use this field to change virtual contexts.

5

Input fields. Use these fields to make selections and provide information. Fields with 2 or 3 options use radio buttons. Fields with more than 3 options use dropdown lists.

6

Synchronization and configuration section of the status bar. One indicator displays DM GUI and CLI synchronization and summary count information and the other indicator displays CLI synchronization information and polling status for a context. See Viewing Virtual Context Synchronization Status, page 2-70 for CLI Config Status message descriptions or Error Monitoring, page 12-2 for polling state message descriptions.


Related Topics

Understanding ACE appliance Device Manager Buttons

Understanding Table Buttons

ACE Appliance Device Manager Screen Conventions

Understanding ACE appliance Device Manager Buttons

Table 1-4 describes the buttons that appear in some of the Config, Monitor, and Admin screens.


Note ACE appliance Device Manager documentation, including online help, uses the names of buttons in all procedures. For example, "Click Back to return to the previous screen."


Table 1-4 Button and Element Descriptions 

Button
Name
Description

Back

Returns you to the previous screen.

Forward

Takes you to the screen previously visited from the current location.

Refresh

Immediately refreshes the information in the content area with the current information.

Auto Refresh

Pauses the automatic refresh feature. You can pause the automatic refresh for 30, 60, 120, 300, 600, or 3600 seconds. If you disable the automatic refresh feature, ACE appliance Device Manager times out after 30 minutes.

Help

Launches context-sensitive help for the current screen.

Add Another

Saves the current entries and refreshes the screen so you can add another entry.

Advanced Editing Mode

Lets you view or enter advanced arguments for the selected display.

Switch between Configure and Browse modes

Displays the subtables for those items that have additional sets of parameters that can be configured, such as Config > Virtual Contexts > context > Load Balancing > Server Farms.

Note This button is not available on single-row tables such as Config > Virtual Contexts > System > SNMP. To switch between these modes, navigate to another screen where the button appears (for example, Config > Virtual Contexts > context > Load Balancing > Server Farms), click the button to enter the desired mode, then return to the screen on which the button was missing. You will remain in the mode you selected.

Key

Indicates that the associated field is a key field for this table. This field is mandatory and should be unique. If there are two fields with this key, then the combination must be unique.

Plus

Displays a table with information related to the field where Plus appears. For example, when Plus appears next to the field label Role, clicking Plus displays a list of all Role Names in a separate window. Indicates that the associated field is a key field for this table. This field is mandatory and should be unique. If there are two fields with this key, then the combination must be unique.

In File Browser only: expands or collapses the folder structure and reloads the specific directory.

Screen Mode

Toggles from partial to full screen mode. Maximizes the content area and removes the navigation aids.

Reorder List

Toggles list by alpha-order.


Related Topics

Understanding ACE appliance Device Manager Screens and Menus

Understanding Table Buttons

ACE Appliance Device Manager Screen Conventions

Understanding Table Buttons

When the content area of the ACE appliance Device Manager screen contains a table, there are several buttons that appear as described in Table 1-5.

Table 1-5 ACE Appliance Device Manager Table Buttons 

Button
Name
Description

Add

Lets you an entry to the displayed table.

View/Edit

Opens the configuration screen of a selected entry in the table.

Delete

Deletes the selected entry in the table.

Filter

Filters the displayed list of items according to the criteria you specify. (See Filtering Entries.)

Go

Appears when filtering is enabled; updates the table with the filtering criteria.

Save

Displays the current information in a new window in either raw data or Excel format so you can save it to a file or print it.


Related Topics

Understanding ACE appliance Device Manager Buttons

ACE Appliance Device Manager Screen Conventions

ACE Appliance Device Manager Interface Overview

Conventions in Tables

Conventions in Tables

Selecting Table Entries

Double-clicking an entry in a table opens its corresponding configuration screen.

You can select multiple entries in a table in two ways:

To select all table entries, check the check box at the top of the first column (where available).

To select multiple entries individually, select the desired entries.

Parent Rows

If you select multiple entries in a table and then choose an option that can apply to only one entry at a time, the Parent Row field appears first in the configuration screen (see Figure 1-3).

The Parent Row field lists the selected entries and requires you to select one. Subsequent configuration choices in this screen are applied only to the entry identified in the Parent Row field.

Parent Row columns appear in subtables when multiple items are selected in the primary table.

Figure 1-3 Parent Rows in Configuration Screens

Filtering Entries

Click Filter to view table entries using criteria you select. When filtering is enabled, a filter row appears above the first table entry that allows you to filter entries in the following ways:

In a drop-down list, select one of the ACE Appliance Device Manager-identified categories (see Figure 1-4). The table refreshes automatically with the entries that match the selected criterion.

In fields without drop-down lists, enter the string you want to match, then click Go above the first table entry. The table refreshes with the entries that match your input.

Figure 1-4 Example Table with Filtering Enabled

Related Topics

ACE Appliance Device Manager Interface Overview

Using the Advanced Editing Option

Using the Advanced Editing Option

By default, tables include columns that contain configured attributes, or a subset of columns related to a key field.

To view all configurable attributes in table format, click Advanced Editing Mode (the highlighted button in Figure 1-5). When advanced editing mode is enabled, all columns appear for your review (see Figure 1-5).

Figure 1-5 Advanced Editing Enabled Screen

Related Topics

ACE Appliance Device Manager Interface Overview

Conventions in Tables

ACE Appliance Device Manager Screen Conventions

Table 1-6 describes other conventions used in ACE appliance Device Manager screens.

Table 1-6 ACE Appliance Device Manager Screen Conventions 

Convention
Example
Description

Dimmed field

Dimmed fields signify items that cannot be modified or that are not accessible from the current screen.

Some buttons are dimmed if more than one item is selected in the list. For example, if multiple servers are selected in the Real Servers table, the View/Edit button is dimmed.

Dropdown lists

Fields with 2 or 3 options use radio buttons. Fields with more than 3 options use dropdown lists.

Light yellow field with green font

Warning text that appears below the affected field as green font against a light yellow background. In the example, a message stating that the community string must be entered if virtual context monitoring is used resulted in this display.

Red asterisk

A red asterisk indicates a required field.

Yellow field with red font

Incorrect, invalid, or incomplete entries appear as red font against a yellow background. In the example, an IP address cannot begin with four digits, resulting in this display. Warning text may also display below the affected field in green text on a yellow background.


Related Topics

Conventions in Tables

ACE Appliance Device Manager Interface Overview

Viewing Monitoring Results

Figure 1-6 shows an example graph from the Monitor component.

Figure 1-6 Monitoring Results Screen

Monitor graphs offer many options including graph type, viewing raw data, graph layout, and values to be included. Table 1-7 identifies these options and their associated buttons. When viewing a graph, click the button to select the option. ACE Appliance Device Manager displays graph data in GMT.


Note The maximum number of statistics that can be graphed is five.



Note On the ACE, statistics are kept for 7 days or 20,000 hourly records, whichever comes first. The duration it takes to reach 20,000 hourly records is determined by the number of contexts, interfaces and real servers configured. The "All dates" graph provides all available data in the database, up to the above mentioned numbers. An ACE reboot will reset the statistics database.


Table 1-7 ACE Appliance Device Manager Monitor Buttons 

Button
Name
Description
Graph Options

Line graph

Creates a line graph using the displayed information.

Stacked bar graph

Creates a stacked bar chart using the displayed information.

Bar graph

Creates a bar graph using the displayed information.

Viewing Options

Show raw data

Displays the raw data in table format.

Output to Excel

Displays the raw data in Excel format in a separate browser window.

Layout, Value, and Time Options

Change Legend Location

Displays the location of the legend.

Multigraph Mode

Displays two line graphs next to each other.

Value delta per time

Displays data points over time. See Graphing Data, page 12-3 for a comparison of regular and value delta per time graphs. Time values are displayed using a fixed time zone (GMT).

Time range

Displays the selected time range of the data to graph. Includes previous 1, 2, 8, or 24 hours or all dates.


Related Topics

ACE Appliance Device Manager Interface Overview

Understanding ACE appliance Device Manager Terminology

Graphing Data, page 12-3

Configuration Overview

Use the flow chart in Figure 1-7 to get started with the ACE Appliance Device Manager. Table 1-8 describes these tasks in more detail.

Figure 1-7 High-Level Configuration Process

Table 1-8 Configuration Task Overview 

 
Task
Description

Step 1 

Install ACE appliance licenses.

In this step you install licenses for ACE appliances that let you increase the number of virtual contexts, appliance bandwidth, and SSL TPS (transactions per second). See Managing ACE Appliance Licenses, page 2-27 for details.

Step 2 

Configure virtual contexts.

In this step you partition the ACE appliance into multiple virtual devices or contexts. Each context contains its own set of policies, interfaces, resources, and administrators, allowing you to efficiently manage resources, users, and the services you provide to your customers. See Using Virtual Contexts, page 2-2 for details.

Step 3 

Configure load-balancing services.

In this step you configure load balancing to manage client requests for service. See Load Balancing Overview, page 3-1 for details.

Step 4 

Update resource classes.

In this step you configure resource usage models that you can apply across your network. See Managing Resource Classes, page 2-34 for details.

Step 5 

Add user accounts.

In this step you set up tiered access for users. See Managing the ACE Appliance, page 13-1 for details.

Step 6 

Perform administrative tasks.

This step includes ongoing maintenance and administrative tasks, such as:

Updating ACE appliance software (see Managing ACE Appliance Licenses, page 2-27).

Monitoring virtual context or ACE Appliance Device Manager statistics (see "Monitoring Your Network" section on page 12-1).


Understanding ACE Features

The ACE performs high-performance server load balancing (SLB) among groups of servers, server farms, firewalls, and other network devices, based on Layer 3 as well as Layer 4 through Layer 7 packet information. The ACE provides the following major features and functionality.

Ethernet Interfaces—The ACE provides four physical Ethernet ports that provide an interface for connecting to 10-Mbps, 100-Mbps, or 1000-Mbps networks. Each Layer 2 Ethernet port supports autonegotiate, full-duplex, or half-duplex operation on an Ethernet LAN, and can carry traffic within a designated VLAN interface.

Routing and Bridging—You configure the corresponding VLAN interfaces on the ACE as either routed or bridged. When you configure an IP address on an interface, the ACE automatically configures it as a routed mode interface. When you configure a bridge group on an interface VLAN, the ACE automatically configures it as a bridged interface.

Traffic Policies—The ACE allows you to perform advanced administration tasks such as using traffic policies to classify traffic flow and the action to take for the type of traffic. Traffic policies consist of class maps, policy maps, and service policies.

Redundancy—Redundancy provides fault tolerance for the stateful switchover of flow, and offers increased uptime for a more robust network.

Virtualization—Virtualization allow you to manage ACE system resources and users, as well as the services provided to your customers. Multiple contexts use the concept of virtualization to partition your ACE into multiple virtual devices or contexts. Each context contains its own set of policies, interfaces, resources, and administrators.

Server Load Balancing— Server load balancing (SLB) on the ACE provides network traffic policies for SLB, real servers and server farms, health monitoring through probes, and firewall load balancing.

ACE Security Features—The ACE contains several security features including ACLs, NAT, user authentication and accounting, HTTP deep packet inspection, FTP command request inspection, and application protocol inspection of DNS, HTTP, ICMP, or RTSP.

Secure Sockets Layer—The SSL protocol on the ACE provides encryption technology for the Internet, ensuring secure transactions.

Application Acceleration and Optimization—The ACE includes several optimization technologies to accelerate Web application performance, optimize network performance, and improve access to critical business information.

Command-Line Interface—The command-line interface (CLI) is a line-oriented user interface that provides commands for configuring, managing, and monitoring the ACE. For more information, see the Cisco 4700 Series Application Control Engine Appliance Command Reference.

Related Topics

ACE Appliance Device Manager Overview

Cisco 4700 Series Application Control Engine Appliance Command Reference

Understanding ACE appliance Device Manager Terminology

It is useful to understand the following terms when using the ACE Appliance Device Manager:

Virtual context

A virtual context is a concept that allows users to partition an ACE appliance into multiple virtual devices. Each virtual context contains its own set of policies, interfaces, and resources, allowing administrators to more efficiently manage system resources and services.

Virtual server

In a load-balancing environment, a virtual server is a construct that allows multiple physical servers to appear as one for load-balancing purposes. A virtual server is bound to physical services running on real servers in a server farm and uses IP address and port information to distribute incoming client requests to the servers in the server farm according to a specified load-balancing algorithm.

Role-Based Access Control

Managing users using role-based access allows administrators to set up users, roles, and domain access to your virtual contexts. Each user is assigned a role and a domain which defines what virtual contexts they can view and configure. Roles determine which commands and resources are available to a user. Domains determine which objects they can use. Only users associated with an admin virtual context are allowed to see other virtual contexts.

There are two types of virtual contexts:

Admin context

The Admin context, which contains the basic settings for each virtual device or context, allows a user to configure and manage all contexts. When a user logs into the Admin context, he or she has full system administrator access to the entire ACE appliance and all contexts and objects within it. The Admin context provides access to network-wide resources, for example, a syslog server or context configuration server. All global commands for ACE appliance settings, contexts, resource classes, and so on, are available only in the Admin context.

User context

A user context has access to the resources in which the context was created. For example, a user context that was created by an administrator while in the Admin context, by default, has access to all resources in an ACE appliance. Any user created by someone in a user-defined context only has access to the resources within that context. In addition, roles and domains create access parameters for each user. For a description of the predefined user roles, see Managing User Roles, page 13-13.

For more information on RBAC, see Controlling Access to the Cisco ACE Appliance, page 13-3.

Resource class

A resource class is a defined set of resources and allocations available for use by a virtual context. Using resource classes prevents a single context from using all available resources and can be used to ensure that every context is guaranteed the minimum set of resources necessary.

Related Topics

Controlling Access to the Cisco ACE Appliance, page 13-3

ACE Appliance Device Manager Interface Overview

Conventions in Tables

Glossary