Cisco Systems Servers User Manual

Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 5: Setting Up and Managing Shared Profile Components
Downloadable PIX ACLs
ACLs entered into Cisco Secure ACS are protected by whatever backup or
replication regime you have established for Cisco Secure ACS. After you
configure an ACL as a named shared profile component, you can include that
ACL in any Cisco Secure ACS user or user group profile. When
Cisco Secure ACS returns an attribute with a named ACL as part of a user's
session RADIUS access-accept packet, the PIX Firewall applies that ACL to that
user's session. Cisco Secure ACS uses a version stamp to ensure that
the PIX Firewall has cached the latest ACL version. If a PIX Firewall responds
that it does not have the current version of the named ACL in its cache (that is,
the ACL is new or has changed), Cisco Secure ACS automatically uploads the
ACL update to the PIX Firewall cache.
After you configure a downloadable PIX ACL, it can be applied against any 
number of single users or user groups.
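The version-stamp check described above, as an added sketch that is not taken from the Cisco guide or from Cisco's code: a toy model in which the access-accept carries the ACL name and its stamp, and the firewall downloads the ACL body only when its cached stamp differs. The class names, the `sales_acl` entries and the hash-based stamp are assumptions made for illustration; the guide does not say how the stamp is derived.

```python
import hashlib


class AcsServer:
    """Toy stand-in for the ACS side: stores named ACLs and stamps each version."""

    def __init__(self):
        self._acls = {}  # ACL name -> list of ACL lines

    def set_acl(self, name, lines):
        self._acls[name] = list(lines)

    def stamp(self, name):
        # Assumption: model the version stamp as a short hash of the ACL body.
        body = "\n".join(self._acls[name]).encode()
        return hashlib.sha256(body).hexdigest()[:8]

    def access_accept(self, acl_name):
        # The accept names the ACL and its current stamp, not the ACL body.
        return {"acl": acl_name, "stamp": self.stamp(acl_name)}

    def download(self, name):
        return self.stamp(name), list(self._acls[name])


class PixFirewall:
    """Toy enforcement point that caches ACL bodies by name and stamp."""

    def __init__(self, server):
        self.server = server
        self.cache = {}  # ACL name -> (stamp, lines)
        self.downloads = 0

    def start_session(self, accept):
        name, stamp = accept["acl"], accept["stamp"]
        cached = self.cache.get(name)
        if cached is None or cached[0] != stamp:  # new or changed ACL
            self.cache[name] = self.server.download(name)
            self.downloads += 1
        return self.cache[name][1]  # ACL applied to this session


def demo():
    acs = AcsServer()
    # Constructed sample ACL entries.
    acs.set_acl("sales_acl", ["permit tcp any host 10.0.0.5 eq 443", "deny ip any any"])
    pix = PixFirewall(acs)
    pix.start_session(acs.access_accept("sales_acl"))  # first use: download
    pix.start_session(acs.access_accept("sales_acl"))  # same stamp: cache hit
    after_two = pix.downloads
    acs.set_acl("sales_acl", ["deny ip any any"])      # administrator edits the ACL
    applied = pix.start_session(acs.access_accept("sales_acl"))
    return after_two, pix.downloads, applied
```

In this model a session started after the edit never runs under the stale cached ACL, because the stamp mismatch forces a fresh download before the ACL is applied.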
Downloadable PIX ACL Configuration
This section contains the following procedures:
Adding a Downloadable PIX ACL
To add a downloadable PIX ACL, follow these steps:
Step 1  In the navigation bar, click Shared Profile Components.
        Result: The Shared Profile Components page appears.
Step 2  Click Downloadable PIX ACLs.
Step 3  Click Add.
        Result: The Downloadable PIX ACLs page appears.
Step 4  In the Name: box, type the name of the new PIX ACL.