Cisco Acs 5x User Guide
Have a look at the manual Cisco Acs 5x User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
5-5 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Step 7See Installing a License File, page 18-35 to install a valid license. If your login is successful, the main page of the ACS web interface appears. If your login is unsuccessful, the following error message appears: Invalid username or password specified. The Username and Password fields are cleared. Step 8Re-enter the valid username and password, and click Login. Logging Out Click Logout in the ACS web interface header to end your administrative session. A dialog box appears asking if you are sure you want to log out of ACS. Click OK. CautionFor security reasons, Cisco recommends that you log out of the ACS when you complete your administrative session. If you do not log out, the ACS web interface logs you out if your session remains inactive for a configurable period of time, and does not save any unsubmitted configuration data. See Configuring Session Idle Timeout, page 16-11 for configuring session idle timeout. Understanding the Web Interface The following sections explain the ACS web interface: Web Interface Design, page 5-6 Header, page 5-6 Navigation Pane, page 5-7 Content Area, page 5-8
5-6 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Web Interface Design Figure 5-1 shows the overall design of the ACS web interface. Figure 5-1 ACS Web Interface The interface contains: Header, page 5-6 Navigation Pane, page 5-7 Content Area, page 5-8 Header Use the header to: Identify the current user (your username) Access the online help Log out Access the About information, where you can find information about which ACS web interface version is installed. These items appear on the right side of the header (see Figure 5-2). Figure 5-2 Header Related Topics Navigation Pane, page 5-7 Content Area, page 5-8
5-7 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Navigation Pane Use the navigation pane to navigate through the drawers of the web interface (see Figure 5-3). Figure 5-3 Navigation Pane Ta b l e 5 - 3 describes the function of each drawer. To open a drawer, click it. A list of options for that drawer appears. You can view the contents of only one drawer at a time. When you open a drawer, any previously open drawer automatically closes. Click an option to view the hierarchy of items and the current configuration, and perform configuration tasks associated with that option in the content area. See Content Area, page 5-8 for more information about the content area. To hide the navigation pane and expand the content area, click the collapse arrow, which is centered vertically between the navigation pane and content area. Click the collapse arrow again to reveal the navigation pane. Table 5-3 Navigation Pane Drawers Drawer Function My Workspace Access the Task Guide and Welcome page with shortcuts to common tasks and links to more information. See Chapter 5, “Understanding My Workspace” for more information. Network Resources Configure network devices, AAA clients, and network device groups. See Chapter 7, “Managing Network Resources” for more information. Users and Identity Stores Configure internal users and identity stores. See Chapter 8, “Managing Users and Identity Stores” for more information. Policy Elements Configure policy conditions and results. See Chapter 9, “Managing Policy Elements” for more information. Access Policies Configure access policies. See Chapter 10, “Managing Access Policies” for more information. Monitoring and Reports View log messages. See Chapter 11, “Monitoring and Reporting in ACS” for more information. System Administration Administer and maintain your ACS. See Chapter 16, “Managing System Administrators” for more information.
5-8 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface The options listed beneath drawers in the navigation pane are organized in a tree structure, where appropriate. The options in the tree structure are dynamic and can change based on administrator actions. Creating, deleting, or renaming objects in the content area can change the option display in the navigation pane. For example, beneath the Network Resources > Network Device Groups option, there are two preconfigured network device groups (options)—Location and Device Type. Figure 5-4 shows that the administrator has used the Network Device Groups option page to create an additional network device group called Business, which appears in the tree structure in the navigation pane. Figure 5-4 Navigation Pane—Dynamic Tree Structure Related Topics Header, page 5-6 Content Area, page 5-8 Content Area Use the content area to view your current location in the interface, view your configuration, configure AAA services, and administer your ACS. The content area can contain: Web Interface Location, page 5-9 List Pages, page 5-9 Secondary Windows, page 5-13 Rule Table Pages, page 5-16
5-9 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Web Interface Location Your current location in the interface appears at the top of the content area. Figure 5-5 shows that the location is the Policy Elements drawer and the Network Devices and AAA Clients page. Using this location as an example, ACS documentation uses this convention to indicate interface locations—Policy Elements > Policy Conditions > Network Devices and AAA Clients > Location. The remainder of the content area shows the content of the chosen page. The interface location also displays the action that you are configuring. For example, if you are in the Users and Identity Stores > Internal Identity Stores > Users page and you attempt to duplicate a specific user, the interface location is stated as: Users and Identity Stores > Internal Identity Stores > Users > Duplicate: user_name, where user_name is the name of the user you chose to duplicate. ACS documentation also uses this convention. List Pages List pages contain a list of items (see Figure 5-5). You can use list pages to delete one or more items from an option that you chose in the navigation pane. Figure 5-5 List Page Ta b l e 5 - 4 describes the content area buttons and fields that list pages have in common.
5-10 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Table 5-4 Common Content Area Buttons and Fields for List Pages Button or Field Description Rows per page Use the drop-down list to specify the number of items to display on this page. Options: 10—Up to 10. 25—Up to 25. 50—Up to 50. 100—Up to 100. Go Click to display the number of items you specify in the Rows per page field. Check box or radio buttonChooses or does not choose items in a list, for edit, duplicate, or delete actions. Options: Check (a check box) or click (a radio button)—Chooses an item. Check the check box in the header row to choose all items in the list. Check the individual check boxes to choose specific items in the list. Uncheck (a check box) or unclick (a radio button)—Does not choose an item. List column A tabular or hierarchical view of items associated with a specific configuration task. Figure 5-5 shows the list column as a list of configured network device names; the heading of this list column is Name. Scroll bar Use the content area scroll bar to view all the data in a page, if needed. Create Click to create a new item. A wizard or single page appears in the content area. When you click Create, any selections that you made in the content area are ignored and the content area displays an Edit page with page-specific default values, if any. Duplicate Click to duplicate a selected item. A single page or a tabbed page appears in the content area. Edit Click to edit a selected item. A single page or a tabbed page appears in the content area. Delete Click to delete one or more selected items. A dialog box that queries Are you sure you want to delete item/items? appears for the item, or items, you chose to delete. The confirmation dialog box contains OK and Cancel. Click: OK—Deletes the selected item or items. The list page appears without the deleted item. Cancel—Cancels the delete operation. The list page appears with no changes. You can only delete items that you can view on a page, including the content of a page that you can view by using the scroll bar. For tables that span more than one page, your selections of rows to delete for pages that you cannot view are ignored and those selections are not deleted.
5-11 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Tree table pages are a variation of list pages (see Figure 5-6). You can perform the same operations on tree table pages that you can on list pages, except for paging. In addition, with tree table pages: A darker background color in a row indicates the top level of a tree. If the first folder of a tree contains fewer than 50 items, the first folder is expanded and all others are collapsed. You must use the expanding icon (+) to view the contents of the collapsed folders. If the first folder of a tree contains 50 or more items, all folders in the tree are collapsed. You must click the expanding icon (+) to view the contents of the folders. If you check the check box for a folder (a parent), it chooses all children of that folder. If you check the check box of a folder (a parent), and then uncheck any of the children, the parent folder is unchecked automatically. Figure 5-6 Tree Table Page Page num of n Enter the number of the page you want to display in the content area of the list page, where num is the page you want to display, then click Go. Not available for tree table pages. Direction arrows Click the arrows on the lower right side of the content area to access the first page, previous page, next page, or last page. The arrows are active when required. Not available for tree table pages. Table 5-4 Common Content Area Buttons and Fields for List Pages (continued) Button or Field Description
5-12 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Filtering Large lists in a content area window or a secondary window (see Figure 5-9) can be difficult to navigate through and select the data that you want. You can use the web interface to filter data in these windows to reduce the data that appears in a list, based on criteria and conditions that you choose. Ta b l e 5 - 5 describes the filtering options. NoteNot all filtering options are available in all fields. NoteFor tree table pages, you can only perform filtering on a root node, the top-most parent. Sorting Most nontree list pages support sorting by the Name column or the Description column, when available. You can sort pages in an ascending or descending manner. Table 5-5 Filtering in the Content Area Window and Secondary Windows Button or Field Description Filter (drop-down list box) Select the name of the column from the drop-down list box on which to filter. Match if (drop-down list box)Select the condition you want to apply to your filter action: Contains Doesn’t Contain Ends With Equals Is Empty Not Empty Not Equals Starts With The condition is applied to the column you select in the Filter drop-down list box. v (down arrow) Click to add an additional filter row on which to choose conditions to narrow or expand your filter action. The text And: precedes the additional filter row. ^ (up arrow) Click to remove an extraneous filter row. Go Click to execute your filter action. Clear Filter Click to clear any current filter options. OK Click to add the selected data to your configuration and close the secondary window. This button is only available in secondary windows (see Figure 5-9).
5-13 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface For pages that do not have a Name or Description column, the sorting mechanism may be supported in the left-most column of the page, or the Description column. Place your cursor over a column heading to determine if sorting is available for a column. If sorting is available, the cursor turns into a hand and the text Click to sort appears. When a table is sorted, the column heading text darkens and an up arrow or down arrow appears next to the text (see Figure 5-7). Click the arrow to resort in the opposing manner. Figure 5-7 Sorting Example Secondary Windows The content area serves as the launching place for any secondary (popup) windows that you access by clicking Select (see Figure 5-8) from single, tabbed, or wizard pages. You use these secondary windows to filter and select data that you want to use in your configuration (see Figure 5-9 and Ta b l e 5 - 5). You can select one or more items from a secondary window to include in your configuration, dependent upon the selection option. Items listed in a secondary window with radio buttons allow you to select one item to include in your configuration and items listed with check boxes allow you to select multiple items. Figure 5-8 Select Button—Accesses Secondary Windows
5-14 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Figure 5-9 Secondary Window In addition to selecting and filtering data, you can create a selectable object within a secondary window. For example, if you attempt to create a users internal identity store, and click Select to assign the store to an identity group (a selectable object), but the identity group you want to associate it with is not available for selection, you can click Create within the secondary window to create the object you want. After you have created the object and clicked Submit, the secondary window is refreshed with the newly created object, which you can then select for your configuration. In this example, you can select the newly created identity group to assign it to the users internal identity store. Transfer Boxes Transfer boxes are a common element in content area pages (see Figure 5-10). You use these boxes to select and remove items for use in your configuration and order them according to your needs. Figure 5-10 shows the transfer box options. Ta b l e 5 - 6 describes the transfer box options.