User Guide for Cisco Secure Access Control System 5.3
Post Installation Tasks
Downloads: This chapterpdf (PDF - 91.0KB) The complete bookPDF (PDF - 8.49MB) | Feedback

Table of Contents

Post-Installation Configuration Tasks

Configuring Minimal System Setup

Configuring ACS to Perform System Administration Tasks

Configuring ACS to Manage Access Policies

Configuring ACS to Monitor and Troubleshoot Problems in the Network

Post-Installation Configuration Tasks

This chapter provides a set of configuration tasks that you must perform to work with ACS. This chapter contains the following sections:

Configuring Minimal System Setup

Table 6-1 lists the steps that you must follow for a minimal system setup to get ACS up and running quickly in a lab, evaluation, or demonstration environment.

 

Table 6-1 Minimal System Setup

Step No.
Task
Drawer
Refer to...

Step 1

Add network devices.

Network Resources > Network Devices and AAA Clients

Creating, Duplicating, and Editing Network Devices.

Step 2

Add users.

Users and Identity Stores > Internal Identity Stores > Users

Creating Internal Users.

Step 3

Create authorization rules to permit or deny access.

Policy Elements > Authorization and Permissions

Managing Authorizations and Permissions.

Configuring ACS to Perform System Administration Tasks

Table 6-2 lists the set of system administration tasks that you must perform to administer ACS.

 

Table 6-2 System Administration Tasks

Step No.
Task
Drawer
Refer to...

Step 1

Install ACS license.

System Administration > Configuration > Licensing

Licensing Overview.

Step 2

Install system certificates.

System Administration > Configuration > Local Server Certificates > Local Certificates

Configuring Local Server Certificates.

Step 3

Configure password policy rules for administrators and users.

  • For administrators:

System Administration > Administrators > Settings > Authentication

  • For administrator access settings:

System Administration > Administrators > Settings > Access

  • For users:

System Administration > Users > Authentication Settings

  • For administrators:

Configuring Authentication Settings for Administrators.

  • For administrator access settings:

Configuring Administrator Access Settings

  • For users:

Configuring Authentication Settings for Users.

Step 4

Add ACS administrators.

System Administration > Administrators > Accounts

Configuring System Administrators and Accounts

Step 5

Configure primary and secondary ACS instances.

System Administration > Operations > Distributed System Management

Understanding Distributed Deployment.

Step 6

Configure logging.

System Administration > Configuration > Log Configuration

Configuring Logs.

Step 7

Add network devices.

Network Resources > Network Devices and AAA Clients

Creating, Duplicating, and Editing Network Devices.

Step 8

Add users or hosts to the internal identity store, or define external identity stores, or both.

  • For internal identity stores:

Users and Identity Stores > Internal Identity Stores

  • For external identity stores:

Users and Identity Stores > External Identity Stores

  • For internal identity stores:

Creating Internal Users.

Creating Hosts in Identity Stores.

  • For external identity stores:

Creating External LDAP Identity Stores.

Configuring an AD Identity Store.

Creating and Editing RSA SecurID Token Servers.

Creating, Duplicating, and Editing RADIUS Identity Servers.

Step 9

Add end user certificates.

Users and Identity Stores > Certificate Authorities

Adding a Certificate Authority.

Step 10

Configure identity sequence.

Users and Identity Stores > Identity Store Sequences

Creating, Duplicating, and Editing Identity Store Sequences.

Configuring ACS to Manage Access Policies

Table 6-3 lists the set of tasks that you must perform to manage access restrictions and permissions.

 

Table 6-3 Managing Access Policies

Step No.
Task
Drawer
Refer to...

Step 1

Define policy conditions.

Policy Elements > Session Conditions

Managing Policy Conditions.

Step 2

Define authorization and permissions.

Policy Elements > Authorization and Permissions

Managing Authorizations and Permissions.

Step 3

Define access services and service selection policies.

Access Policies > Access Services

  • To configure access services:

Configuring Access Services.

  • To configure access service policies:

Configuring Access Service Policies.

  • To configure compound conditions:

Configuring Compound Conditions.

Configuring ACS to Monitor and Troubleshoot Problems in the Network

Table 6-4 lists a set of configuration tasks that you must perform to get the Monitoring & Report Viewer up and running.

 

Table 6-4 Monitoring and Troubleshooting Configuration

Step No.
Task
Drawer
Refer to...

Step 1

Configure data purge and backup.

Monitoring Configuration > System Operations > Data Management > Removal and Backup

Configuring Data Purging and Incremental Backup.

Step 2

Specify e-mail settings.

Monitoring Configuration > System Configuration > Email Settings

Specifying E-Mail Settings.

Step 3

Configure collection filters.

Monitoring Configuration > System Configuration > Collection Filters

Understanding Collection Filters.

Step 4

Enable system alarms and specify how you would like to receive notification.

Monitoring Configuration > System Configuration > System Alarm Settings

Configuring System Alarm Settings.

Step 5

Define schedules and create threshold alarms.

Monitoring and Reports > Alarms

  • To configure schedules:

Understanding Alarm Schedules.

  • To create threshold alarms:

Creating, Editing, and Duplicating Alarm Thresholds.

Step 6

Configure alarm syslog targets.

Monitoring Configuration > System Configuration > Alarm Syslog Targets

Configuring Alarm Syslog Targets.

Step 7

Configure remote database to export the Monitoring & Report Viewer data.

Monitoring Configuration > System Configuration > Remote Database Settings

Configuring Remote Database Settings.