About Authorization; About Accounting; AAA Server and Local Database Support; Chapter 13: Configuring AAA Servers and the Local Database - Cisco FirePOWER ASA 5500 series Configuration Manual

• All administrative connections to the security appliance, including the following sessions:
  - Telnet
  - SSH
  - Serial console
  - ASDM (using HTTPS)
  - VPN management access
• The enable command
• Network access
• VPN access

About Authorization

Authorization controls access per user after users authenticate. You can configure the security appliance to authorize the following items:
• Management commands
• Network access
• VPN access

Authorization controls the services and commands available to each authenticated user. If you do not enable authorization, authentication alone provides the same access to services for all authenticated users.

If you need the control that authorization provides, you can configure a broad authentication rule and then a detailed authorization configuration. For example, you authenticate inside users who attempt to access any server on the outside network, and then use authorization to limit the outside servers that a particular user can access.

The security appliance caches the first 16 authorization requests per user, so if the user accesses the same services during the current authentication session, the security appliance does not resend the request to the authorization server.

About Accounting

Accounting tracks traffic that passes through the security appliance, enabling you to have a record of user activity. If you enable authentication for that traffic, you can account for traffic per user. If you do not authenticate the traffic, you can account for traffic per IP address. Accounting information includes when sessions start and stop, username, the number of bytes that pass through the security appliance for the session, the service used, and the duration of each session.

AAA Server and Local Database Support

The security appliance supports a variety of AAA server types and a local database that is stored on the security appliance. This section describes support for each AAA server type and the local database.

This section contains the following topics:
• Summary of Support
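The broad authentication rule with a narrower authorization rule described under About Authorization, plus accounting for the same traffic, could be configured as in the following added example, which is not taken from the manual. The server group name, access list names, addresses, and key are constructed placeholders.

```cisco
! Added example; AuthOutbound, OUTBOUND_AUTHEN, OUTBOUND_AUTHOR and all
! addresses are constructed, and <shared-secret> is a placeholder.

! TACACS+ server group reached through the inside interface
aaa-server AuthOutbound protocol tacacs+
aaa-server AuthOutbound (inside) host 192.0.2.10
 key <shared-secret>

! Broad rule: every inside user opening Telnet to any outside server
! must authenticate.
access-list OUTBOUND_AUTHEN extended permit tcp any any eq telnet

! Detailed rule: only Telnet to this one outside server is also sent to
! the TACACS+ server for a per-user authorization decision. Which users
! are permitted is defined on the TACACS+ server, not on the appliance.
access-list OUTBOUND_AUTHOR extended permit tcp any host 198.51.100.5 eq telnet

aaa authentication match OUTBOUND_AUTHEN inside AuthOutbound
aaa authorization match OUTBOUND_AUTHOR inside AuthOutbound

! Because the traffic is authenticated, accounting records are per user
! rather than per IP address.
aaa accounting match OUTBOUND_AUTHEN inside AuthOutbound
```

The authorization access list must match a subset of the authenticated traffic, because authorization applies only after a user has authenticated. Given the authorization cache described above, a permission changed on the TACACS+ server may not take effect for a service the user has already accessed until that user's authentication session ends.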

This manual is also suitable for:

PIX 500 series, Cisco ASA 5500 series
