Contents
xvi
User Guide for Cisco Security Manager 4.4
OL-28826-01
Configuring Identity Options 13-15
Creating Identity User Group Objects 13-19
Selecting Identity Users in Policies 13-21
Configuring Identity-Based Firewall Rules 13-21
Configuring Cut-Through Proxy 13-23
Collecting User Statistics 13-25
Filtering VPN Traffic with Identity-Based Rules 13-26
Monitoring Identity Firewall Policies 13-27
CHAPTER
14 Managing TrustSec Firewall Policies 14-1
Overview of TrustSec Firewall Policies 14-1
Understanding SGT and SXP Support in Cisco TrustSec 14-2
Roles in the Cisco TrustSec Solution 14-2
Security Group Policy Enforcement 14-3
About Speaker and Listener Roles 14-6
Prerequisites for Integrating an ASA with Cisco TrustSec 14-6
Configuring TrustSec Firewall Policies 14-7
Configuring Cisco TrustSec Services 14-8
Configuring Security Exchange Protocol (SXP) Settings 14-8
Defining SXP Connection Peers 14-9
Creating Security Group Objects 14-12
Selecting Security Groups in Policies 14-13
Configuring TrustSec-Based Firewall Rules 14-13
Monitoring TrustSec Firewall Policies 14-14
CHAPTER
15 Managing Firewall AAA Rules 15-1
Understanding AAA Rules 15-1
Understanding How Users Authenticate 15-2
Configuring AAA Rules for ASA, PIX, and FWSM Devices 15-4
Configuring AAA Rules for IOS Devices 15-7
AAA Rules Page 15-10
Add and Edit AAA Rule Dialog Boxes 15-13
Edit AAA Option Dialog Box 15-18
AuthProxy Dialog Box 15-18
Edit Server Group Dialog Box 15-18
AAA Firewall Settings Policies 15-19
AAA Firewall Settings Page, Advanced Setting Tab 15-19
Interactive Authentication Configuration Dialog Box 15-21
