Command Authorization Config best practice using ACS

Unanswered Question
Dec 23rd, 2008
User Badges:

Hi

Is there any best practices for configuring Command authorization (for router/switch/asa) in CS-ACS? To be specific, is there any best practices to configure authorization for a set of commands allowed for L1,L2,L3 support levels?

Regards

V Vinodh.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Tue, 12/23/2008 - 06:05
User Badges:
  • Red, 2250 points or more

Vinodh,

The main thing here is to ensure that we have backup/fall-back method configured for command authorization, inorder to avoid lockout situation or do wr mem once you are sure configs are working fine.


Please check this link,

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml





Regards,

~JG


Do rate helpful posts


Actions

This Discussion