Home > Cisco > Interface > Cisco Ise 13 User Guide

Cisco Ise 13 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Ise 13 User Guide. The Cisco manuals for Interface are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 751

    Page 751 Usage GuidelinesFields CiscoISEnodepersonasthatareenabledonthenoderunningtheCAservice.For example,Administration,PolicyService,etc. Personas Therole(s)assumedbytheCiscoISEnoderunningtheCAservice.Forexample, StandaloneorPrimaryorSecondary. Role(s) EnabledordisabledCA&OCSP ResponderStatus URLforCiscoISEnodetoaccesstheOCSPserver.OCSPResponder URL Related Topics CiscoISECAService,onpage152 ConfigureCiscoISEtoUseCertificatesforAuthenticatingPersonalDevices,onpage158 Certificate Template Settings... 
    Usage GuidelinesFields
CiscoISEnodepersonasthatareenabledonthenoderunningtheCAservice.For
example,Administration,PolicyService,etc.
Personas
Therole(s)assumedbytheCiscoISEnoderunningtheCAservice.Forexample,
StandaloneorPrimaryorSecondary.
Role(s)
EnabledordisabledCA&OCSP
ResponderStatus
URLforCiscoISEnodetoaccesstheOCSPserver.OCSPResponder
URL
Related Topics
CiscoISECAService,onpage152
ConfigureCiscoISEtoUseCertificatesforAuthenticatingPersonalDevices,onpage158
Certificate Template Settings...

    Page 752

    Page 752 Usage GuidelinesFields Countryname.Youmustenterthetwo-letterISOcountrycode.Forexample,US.Country(C) (Displayonly)MACaddressoftheendpoint.SubjectAlternative Name(SAN) Specifyakeysizeof1024orhigher.KeySize ChoosetheISEInternalCAoranexternalSCEPRAprofilethatyouhavecreated.SCEPRAProfile Enterthenumberofdaysafterwhichthecertificateexpires.ValidPeriod Related Topics CertificateTemplates CertificateTemplateNameExtension ConfigureCiscoISEtoUseCertificatesforAuthenticatingPersonalDevices,onpage158... 
    Usage GuidelinesFields
Countryname.Youmustenterthetwo-letterISOcountrycode.Forexample,US.Country(C)
(Displayonly)MACaddressoftheendpoint.SubjectAlternative
Name(SAN)
Specifyakeysizeof1024orhigher.KeySize
ChoosetheISEInternalCAoranexternalSCEPRAprofilethatyouhavecreated.SCEPRAProfile
Enterthenumberofdaysafterwhichthecertificateexpires.ValidPeriod
Related Topics
CertificateTemplates
CertificateTemplateNameExtension
ConfigureCiscoISEtoUseCertificatesforAuthenticatingPersonalDevices,onpage158...

    Page 753

    Page 753 Usage GuidelinesFields Choosethesyslogfacilitycodetobeusedforlogging.ValidoptionsareLocal0 throughLocal7. FacilityCode Enterthemaximumlengthoftheremotelogtargetmessages.Validoptionsare from200to1024bytes. MaximumLength Checkthischeck-boxifyouwantCiscoISEtobufferthesyslogmessageswhen TCPsyslogtargetsandsecuresyslogtargetsareunavailable.ISEretriessending themessagestothetargetwhentheconnectionresumes.Aftertheconnection resumes,messagesaresentbytheorderfromoldesttonewestandbuffered... 
    Usage GuidelinesFields
Choosethesyslogfacilitycodetobeusedforlogging.ValidoptionsareLocal0
throughLocal7.
FacilityCode
Enterthemaximumlengthoftheremotelogtargetmessages.Validoptionsare
from200to1024bytes.
MaximumLength
Checkthischeck-boxifyouwantCiscoISEtobufferthesyslogmessageswhen
TCPsyslogtargetsandsecuresyslogtargetsareunavailable.ISEretriessending
themessagestothetargetwhentheconnectionresumes.Aftertheconnection
resumes,messagesaresentbytheorderfromoldesttonewestandbuffered...

    Page 754

    Page 754 Table 63: Logging Category Settings Usage GuidelinesFields Displaysthenameoftheloggingcategory.Name Allowsyoutochoosetheseveritylevelforthediagnosticloggingcategoriesfromthe followingoptions: •FATAL—Emergency.ThisoptionmeansthatCiscoISEcannotbeusedandyou musttakeactionimmediately •ERROR—Thisoptionindicatesacriticalorerrorcondition. •WARN—Thisoptionindicatesanormalbutsignificantcondition.Thisisthe defaultcondition. •INFO—Thisoptionindicatesaninformationalmessage.... 
    Table 63: Logging Category Settings
Usage GuidelinesFields
Displaysthenameoftheloggingcategory.Name
Allowsyoutochoosetheseveritylevelforthediagnosticloggingcategoriesfromthe
followingoptions:
•FATAL—Emergency.ThisoptionmeansthatCiscoISEcannotbeusedandyou
musttakeactionimmediately
•ERROR—Thisoptionindicatesacriticalorerrorcondition.
•WARN—Thisoptionindicatesanormalbutsignificantcondition.Thisisthe
defaultcondition.
•INFO—Thisoptionindicatesaninformationalmessage....

    Page 755

    Page 755 Table 64: Repository Settings Usage GuidelinesFields Enterthenameoftherepository.Alphanumericcharactersareallowedandthemaximum lengthis80characters. Repository Chooseoneoftheavailableprotocolsthatyouwanttouse.Protocol (RequiredforTFTP,HTTP,HTTPS,FTP,SFTP,andNFS)EnterthehostnameorIPv4 addressoftheserverwhereyouwanttocreatetherepository. ServerName Enterthepathtoyourrepository.Thepathmustbevalidandmustexistatthetimeyou createtherepository.... 
    Table 64: Repository Settings
Usage GuidelinesFields
Enterthenameoftherepository.Alphanumericcharactersareallowedandthemaximum
lengthis80characters.
Repository
Chooseoneoftheavailableprotocolsthatyouwanttouse.Protocol
(RequiredforTFTP,HTTP,HTTPS,FTP,SFTP,andNFS)EnterthehostnameorIPv4
addressoftheserverwhereyouwanttocreatetherepository.
ServerName
Enterthepathtoyourrepository.Thepathmustbevalidandmustexistatthetimeyou
createtherepository....

    Page 756

    Page 756 On-Demand Backup Settings ThefollowingtabledescribesthefieldsontheOn-DemandBackuppage,whichyoucanusetoobtaina backupatanypointoftime.Thenavigationpathforthispageis:Administration>System>Backup& Restore. Table 66: On-Demand Backup Settings Usage GuidelinesFields Enterthenameofyourbackupfile.BackupName Selectoneofthefollowing: •Configurationbackup—containsbothapplication-specificandCiscoADEoperating systemconfigurationdata. •Operationalbackup—containsMonitoringandTroubleshootingdata. Type... 
    On-Demand Backup Settings
ThefollowingtabledescribesthefieldsontheOn-DemandBackuppage,whichyoucanusetoobtaina
backupatanypointoftime.Thenavigationpathforthispageis:Administration>System>Backup&
Restore.
Table 66: On-Demand Backup Settings
Usage GuidelinesFields
Enterthenameofyourbackupfile.BackupName
Selectoneofthefollowing:
•Configurationbackup—containsbothapplication-specificandCiscoADEoperating
systemconfigurationdata.
•Operationalbackup—containsMonitoringandTroubleshootingdata.
Type...

    Page 757

    Page 757 Table 67: Scheduled Backup Settings Usage GuidelinesFields Enteranameforyourbackupfile.Youcanenteradescriptivenameofyourchoice.Cisco ISEappendsthetimestamptothebackupfilenameandstoresitintherepository.You willhaveuniquebackupfilenamesevenifyouconfigureaseriesofbackups.Onthe ScheduledBackuplistpage,thebackupfilenamewillbeprependedwith“backup_occur” toindicatethatthefileisakronoccurrencejob . Name Enteradescriptionforthebackup.Description... 
    Table 67: Scheduled Backup Settings
Usage GuidelinesFields
Enteranameforyourbackupfile.Youcanenteradescriptivenameofyourchoice.Cisco
ISEappendsthetimestamptothebackupfilenameandstoresitintherepository.You
willhaveuniquebackupfilenamesevenifyouconfigureaseriesofbackups.Onthe
ScheduledBackuplistpage,thebackupfilenamewillbeprependedwith“backup_occur”
toindicatethatthefileisakronoccurrencejob
.
Name
Enteradescriptionforthebackup.Description...

    Page 758

    Page 758 Table 68: Administrator Password Policy Settings Usage GuidelinesFields Specifiestheminimumlengthofthepassword(incharacters). Thedefaultissixcharacters. MinimumLength Checkthischeckboxtorestricttheuseoftheadministrator usernameoritscharactersinreverseorder. Passwordshouldnotcontaintheadmin nameoritscharactersinreversedorder Checkthischeckboxtorestricttheuseoftheword“cisco”or itscharactersinreverseorder. Passwordshouldnotcontain“cisco”orits charactersinreversedorder... 
    Table 68: Administrator Password Policy Settings
Usage GuidelinesFields
Specifiestheminimumlengthofthepassword(incharacters).
Thedefaultissixcharacters.
MinimumLength
Checkthischeckboxtorestricttheuseoftheadministrator
usernameoritscharactersinreverseorder.
Passwordshouldnotcontaintheadmin
nameoritscharactersinreversedorder
Checkthischeckboxtorestricttheuseoftheword“cisco”or
itscharactersinreverseorder.
Passwordshouldnotcontain“cisco”orits
charactersinreversedorder...

    Page 759

    Page 759 Usage GuidelinesFields SpecifiesthenumberoftimesCiscoISErecordsincorrect administratorpasswordsbeforelockingtheadministratorout ofCiscoISE,andsuspendingordisablingaccountcredentials. Ane-mailissenttotheadministratorwhoseaccountgetslocked out.Youcanenteracustome-mailremediationmessage. LockorSuspendAccountwithIncorrect LoginAttempts Related Topics CiscoISEAdministrators,onpage97 CreateaNewCiscoISEAdministrator,onpage98 Session Timeout and Session Info Settings... 
    Usage GuidelinesFields
SpecifiesthenumberoftimesCiscoISErecordsincorrect
administratorpasswordsbeforelockingtheadministratorout
ofCiscoISE,andsuspendingordisablingaccountcredentials.
Ane-mailissenttotheadministratorwhoseaccountgetslocked
out.Youcanenteracustome-mailremediationmessage.
LockorSuspendAccountwithIncorrect
LoginAttempts
Related Topics
CiscoISEAdministrators,onpage97
CreateaNewCiscoISEAdministrator,onpage98
Session Timeout and Session Info Settings...

    Page 760

    Page 760 Posture General Settings ThefollowingtabledescribesthefieldsonthePostureGeneralSettingspage,whichyoucanusetoconfigure generalposturesettingssuchasremediationtimeandposturestatus.Thenavigationpathforthispage is:Administration>System>Settings>Posture>GeneralSettings. Table 70: Posture General Settings Usage GuidelinesFields Enteratimevalueinminutes.Thedefaultvalueis4minutes.Thevalidrange is1to300minutes. RemediationTimer Enteratimevalueinseconds.Thedefaultvalueis3seconds.Thevalidrange is2to30seconds.... 
    Posture General Settings
ThefollowingtabledescribesthefieldsonthePostureGeneralSettingspage,whichyoucanusetoconfigure
generalposturesettingssuchasremediationtimeandposturestatus.Thenavigationpathforthispage
is:Administration>System>Settings>Posture>GeneralSettings.
Table 70: Posture General Settings
Usage GuidelinesFields
Enteratimevalueinminutes.Thedefaultvalueis4minutes.Thevalidrange
is1to300minutes.
RemediationTimer
Enteratimevalueinseconds.Thedefaultvalueis3seconds.Thevalidrange
is2to30seconds....
    Start reading Cisco Ise 13 User Guide

    Related Manuals for Cisco Ise 13 User Guide

    All Cisco manuals