What authorization rules are available on a per-user basis in 8950 AAA?
8950 AAA provides a comprehensive yet adaptable authorization mechanism on a per-user basis. You may utilize the data filters within 8950 AAA to give individual users access only to specific hosts, specific subnets, or specific networks, based on source and destination IP addresses. Additionally, authorization may be controlled based on the type of protocol such as UDP, TCP and ICMP. Authorization can also be based on the type of application such as ftp, tftp, ping, or www using source/destination ports. Call filters can be used to define what types of data traffic are considered legitimate. For example, even though a user may be permitted to send and receive ICMP data, the user may not be permitted to maintain the connection with a simple continuous ping to an interface for more than a pre-configured duration. Hence, you can open ports for other legitimate users dialing into your network. For protocols other than IP, such as IPX, 8950 AAA can describe generic filters to perform simila
Related Questions
- What kinds of policy rules can be customized on a per-user and per-group basis? What kinds of policy rules can be customized on a per-user and per-group basis?
- Are there any special rules for contractors and others who work around electricity on a regular basis?
- What kinds of policy rules can be customized on a per-user and per-group basis?
