Before you begin – Nortel Networks 5500 series User Manual

Page 152

Advertising
background image

152

Configuring groups and profiles

Each extended profile references a client filter in a one-to-one relationship.
With Nortel Secure Network Access Switch Software Release 1.6.1, you
can configure the Nortel Health Agent check result as the criterion for the
client filters, in order to establish the user’s security status.

The client filter referenced in the extended profile determines whether
the extended profile data will be applied to the user. After the user has
been authenticated and the Nortel Health Agent host integrity check has
been conducted, the Nortel SNAS checks the group’s extended profiles
in sequence, in order of the profile IDs, for a match between the client
filter conditions and the user’s security status. When it finds a match, the
Nortel SNAS applies that particular extended profile’s data to the user.
Data defined for the base profile (for example, linksets) are appended to
the extended profile’s data. If the Nortel SNAS finds no match in any of the
extended profiles, it applies the base profile data.

For information about configuring client filters, see

“Configuring client

filters” (page 162)

.

For information about configuring extended profiles, see

“Configuring

extended profiles” (page 164)

.

Before you begin

Before you configure groups, client filters, and extended profiles on the
Nortel SNAS, complete the following tasks:

Step

Action

1

Create the linksets, if desired (see

“Linksets and links” (page

234)

).

2

Create the SRS rules (see Nortel Secure Network Access Switch
4050 User Guide for the SREM (NN47230-101), ), and for BBI
(see Nortel Secure Network Access Switch Configuration —
Using the BBI (NN47230-500)).

3

If authentication services have already been configured,
ascertain the group names used by the authentication services.

Group names defined on the Nortel SNAS must correspond
to group names used by the authentication services.

Table 22

"Group names in the Nortel SNAS and authentication services"
(page 153)

summarizes the requirements for the various

authentication methods.

--End--

Nortel Secure Network Access Switch

Using the Command Line Interface

NN47230-100

03.01

Standard

28 July 2008

Copyright © 2007, 2008 Nortel Networks

.

Advertising
This manual is related to the following products:

450 series, 325 series, 425 series

Popular Brands
Popular manuals