Other authorization-related features – Cisco 3.3 User Manual

1-21

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 1 Overview

AAA Server Functions and Concepts

Other Authorization-Related Features

In addition to the authorization-related features discussed in this section, the
following features are provided by Cisco Secure ACS:

•

Group administration of users, with support for 500 groups (see

Chapter 6,

“User Group Management”

).

•

Ability to map a user from an external user database to a specific
Cisco Secure ACS group (see

Chapter 16, “User Group Mapping and

Specification”

).

•

Ability to disable an account after a number of failed attempts, specified by
the administrator (see

Setting Options for User Account Disablement,

page 7-20

).

•

Ability to disable an account on a specific date (see

Setting Options for User

Account Disablement, page 7-20

).

•

Ability to disable groups of users (see

Group Disablement, page 6-4

).

•

Ability to restrict time-of-day and day-of-week access (see

Setting Default

Time-of-Day Access for a User Group, page 6-5

).

•

Network access restrictions (NARs) based on remote address caller line
identification (CLID) and dialed number identification service (DNIS) (see

Setting Network Access Restrictions for a User Group, page 6-8

).

•

Downloadable ACLs for users or groups, enabling centralized, modular ACL
management (see

Downloadable IP ACLs, page 5-7

).

•

Network access filters, enabling you to apply different downloadable ACLs
and NARs based upon a user’s point of entry into your network (see

Network

Access Filters, page 5-2

).

•

IP pools for IP address assignment of end-user client hosts (see

Setting IP

Address Assignment Method for a User Group, page 6-28

).

•

Per-user and per-group TACACS+ or RADIUS attributes (see

Advanced

Options, page 3-4

).

•

Support for Voice-over-IP (VoIP), including configurable logging of
accounting data (see

Enabling VoIP Support for a User Group, page 6-4

).