CEPM User Guide V3.3.1.0 - Overview of the PAP Console [Cisco Policy Administration Point]

Table Of Contents

Overview of the PAP Console

Overview of the PAP Console

The Policy Administration Point (PAP) component is used by the administrators of an enterprise to define fine-grained authorization policies for the enterprise users who need to access various software components to carry out their day-to-day tasks.

The PAP provides central administration, management, and monitoring of entitlement policies through the PAP administration console user interface.

The key capabilities of the PAP are:

•Create and configure users, user groups, roles, and resources.

•Import and synchronize users and user groups in the external data repositories like LDAP-based directory services.

•Create and configure the Policy Decision Point.

•Checks the entitlements for the User/Role/Group/Resource by associating the PDP to an application.

•Refreshes the PDP cache.

•Define policies to provide fine-grained access permissions to resources for users, user groups, and roles using complex rules and contexts.

•Create and configure rules that are based on internal attributes as well as on external attributes that exist in external data sources like external databases, LDAP directories, Java classes, and web services.

•Check entitlement policies for entities, view admin and runtime logs.

•Create PAP users and delegate full or partial authorization to use the PAP.

	CEPM User Guide V3.3.1.0
	Overview of the PAP Console
CEPM User Guide V3.3.1.0 Preface Cisco Enterprise Policy Manager Overview of the PAP Console Login and Home Page Manage Entities Manage Entitlements Auditing and Reporting System Config Delegated Administration App A - Policy Combining Algorithm App B - User Login Auth using SSO App C - OpenSSL	Download this chapter Overview of the PAP Console Download the complete book CEPM User Guide V 3.3.1.0 (PDF - 13 MB) Feedback Table Of Contents Overview of the PAP Console Overview of the PAP Console The Policy Administration Point (PAP) component is used by the administrators of an enterprise to define fine-grained authorization policies for the enterprise users who need to access various software components to carry out their day-to-day tasks. The PAP provides central administration, management, and monitoring of entitlement policies through the PAP administration console user interface. The key capabilities of the PAP are: •Create and configure users, user groups, roles, and resources. •Import and synchronize users and user groups in the external data repositories like LDAP-based directory services. •Create and configure the Policy Decision Point. •Checks the entitlements for the User/Role/Group/Resource by associating the PDP to an application. •Refreshes the PDP cache. •Define policies to provide fine-grained access permissions to resources for users, user groups, and roles using complex rules and contexts. •Create and configure rules that are based on internal attributes as well as on external attributes that exist in external data sources like external databases, LDAP directories, Java classes, and web services. •Check entitlement policies for entities, view admin and runtime logs. •Create PAP users and delegate full or partial authorization to use the PAP.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks