Cisco Cisco Secure Access Control System 5.1 Release Notes
3
Release Notes for the Cisco Secure Access Control System 5.1
OL-18997-01
New and Changed Features
Internal identity store enhancements include support for:
•
Enumerated attributes.
•
Password expiry.
•
Password history—Prevents the users from setting a password that was recently used.
•
External web services that allow users to change their passwords in the internal identity stores. This
process is known as User Change Password (UCP).
process is known as User Change Password (UCP).
Support for Additional Protocols
ACS 5.1 supports the following additional protocols:
•
EAP-FAST with GTC inner method
•
PEAP with GTC inner method
•
LEAP
•
RADIUS/CHAP
•
RADIUS/MS-CHAPv1
•
RADIUS/MS-CHAPv2
Administrator Access Feature Enhancements
The Administrator Access feature is enhanced to provide additional security. You can now:
•
Configure password expiry and disable administrator accounts based on inactivity or failed login
attempts.
attempts.
•
Configure a list of IP addresses from which administrators can access your resources.
•
Configure a server certificate for HTTPS (web interface).
•
Assign new roles that allow administrators to reset passwords, for either internal users or
administrators.
administrators.
Policy Condition Enhancements
The policy condition enhancements include:
•
Support for defining network conditions in policies that include a set of endpoints, network devices,
network device ports, and device and port combinations. The network conditions provide the same
functionality as that of Network Access Restrictions (NARs) in ACS 4.x.
network device ports, and device and port combinations. The network conditions provide the same
functionality as that of Network Access Restrictions (NARs) in ACS 4.x.
•
Support for a default device definition that can be used for new devices that connect through ACS.