Configuring ISG Control Policies
Prerequisites for Configuring ISG Control Policies
2
Prerequisites for Configuring ISG Control Policies
For information about release and platform support, see the “Feature Information for ISG Control
Policies” section on page 21.
Authentication, authorization, and accounting (AAA) method lists must be configured prior to defining
authentication and authorization actions.
Restrictions for Configuring ISG Control Policies
Control policies are activated for specific contexts, not directly on sessions. Control policies apply to all
sessions hosted on the context.
Only one control policy map may be applied to a given context.
Control policies can be defined only through the router’s command-line interface (CLI).
Not all actions may be associated with all events.
A new control class may not be inserted between existing control classes once a control policy map has
been defined.
Information About ISG Control Policies
Before you configure ISG control policies, you should understand the following concepts:
• Control Policies, page 2
• Uses of Control Policies, page 3
Control Policies
Control policies define the actions that the system will take in response to specified events and
conditions. For example, a control policy can be configured to authenticate specific subscribers and then
provide them with access to specific services.
A control policy is made of one or more control policy rules. A control policy rule is an association of
a control class and one or more actions. The control class defines the conditions that must be met before
the actions will be executed.
Three steps are involved in defining a control policy:
1. Create one or more control class maps.
A control class map specifies the conditions that must be met for a policy to be activated, and,
optionally, the event that causes the class to be evaluated. A control class map may contain multiple
conditions, each of which will evaluate to either true or false. Match directives can be used to specify
whether all, any, or none of the individual conditions must evaluate true in order for the class to
evaluate true.
2. Create a control policy map.
A control policy map contains one or more control policy rules. A control policy rule associates a
control class map with one or more actions. Actions are numbered and executed sequentially.
To Next Page
Loading...
Need help?
General