Cisco Systems CSACS3415K9 Manual De Usuario
12-16
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 12 Managing Alarms
Creating, Editing, and Duplicating Alarm Thresholds
Related Topics
•
•
•
Failed Authentications
When ACS evaluates this threshold, it examines the RADIUS or TACACS+ failed authentications that
occurred during the time interval that you have specified up to the previous 24 hours. These
authentication records are grouped by a common attribute, such as ACS Instance, User, Identity Group,
and so on.
occurred during the time interval that you have specified up to the previous 24 hours. These
authentication records are grouped by a common attribute, such as ACS Instance, User, Identity Group,
and so on.
The number of records within each of these groups is computed. If the count computed for any of these
groups exceeds the specified threshold, an alarm is triggered.
groups exceeds the specified threshold, an alarm is triggered.
For example, if you configure a threshold with the following criteria: Failed authentications greater than
10 in the past 2 hours for Device IP. When ACS evaluates this threshold, if failed authentications have
occurred for four IP addresses in the past two hours as follows:
10 in the past 2 hours for Device IP. When ACS evaluates this threshold, if failed authentications have
occurred for four IP addresses in the past two hours as follows:
Device Group
Click Select to choose a valid device group name on which to configure your threshold.
Identity Store
Click Select to choose a valid identity store name on which to configure your threshold.
Access Service
Click Select to choose a valid access service name on which to configure your threshold.
MAC Address
Click Select to choose or enter a valid MAC address on which to configure your threshold. This filter is
available only for RADIUS authentications.
available only for RADIUS authentications.
NAD Port
Click Select to choose a port for the network device on which to configure your threshold. This filter is
available only for RADIUS authentications.
available only for RADIUS authentications.
AuthZ Profile
Click Select to choose an authorization profile on which to configure your threshold. This filter is
available only for RADIUS authentications.
available only for RADIUS authentications.
AuthN Method
Click Select to choose an authentication method on which to configure your threshold. This filter is
available only for RADIUS authentications.
available only for RADIUS authentications.
EAP AuthN
Click Select to choose an EAP authentication value on which to configure your threshold. This filter is
available only for RADIUS authentications.
available only for RADIUS authentications.
EAP Tunnel
Click Select to choose an EAP tunnel value on which to configure your threshold. This filter is available
only for RADIUS authentications.
only for RADIUS authentications.
Protocol
Use the drop-down list box to configure the protocol that you want to use for your threshold. Valid options
are:
are:
•
RADIUS
•
TACACS+
Table 12-10
Passed Authentications (continued)
Option
Description
Device IP
Failed Authentication Count
a.b.c.d
13
e.f.g.h
8