Cisco Cisco Identity Services Engine 1.2 产品宣传页

S  규칙 이름 

조건

 

명령

 집합 

셸

 프로파일 

 

 

 

Security 

West 

DEVICE:Location 

CONTAINS

 All 

Locations#West_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/West_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/Security_Operators 

Permit_All_Commands 

ASA 관리 

 

 

 

Security 

East 

DEVICE:Location 

CONTAINS

 All 

Locations#East_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/East_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/Security_Operators 

Permit_All_Commands 

ASA 관리 

 

 

 

Admin 

West 

DEVICE:Location 

CONTAINS

 All 

Locations#West_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/West_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/Network_Operators 

Permit_All_Commands 

ASA 읽기 전용 

 

 

 

Admin 

East 

DEVICE:Location 

CONTAINS

 All 

Locations#East_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/East_Coast 

AND 

demoAD:ExternalGroups 

EQUALS

 

securitydemo.net/DemoGroups/Network_Operators 

Permit_All_Commands 

ASA 읽기 전용 

 

 

 

기본

 

일치하는

 항목이 없는 경우

 

DenyAllCommands 

 15. ASDM Authz에 대한 권한 부여 정책 

Work Centers(작업 센터) > Device Administration(디바이스 관리) > Device Admin Policy 
Sets(디바이스 관리 정책 설정)로 이동합니다. 기존 정책 집합인 ASDM Authz 를 선택하고 
[아래에 복제]합니다. 새 정책 집합이 이전 정책 집합보다 등급이 낮기 때문에 조건이 덜 세분화될 
수

 있습니다. 중복 사본을 업데이트하고 아래와 같이 디바이스 유형에 대해서만 조건을 

설정합니다

. 

 

 
 

Cisco Systems © 2016