Creating local users – IBM Tivoli and Cisco User Manual

332

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

The completed ruleset should look like Figure 7-100.

Figure 7-100 Untrusted

→

Trusted rule creation

11.Repeat steps 6 through 10 for the

quarantine role

and

temporary role

. Users

in this scenario, utilizing CCA, are placed in the temporary role if
noncompliant. The quarantine role is used for users not passing a network
scan, which is out of the scope of this guide.

Creating local users

CAM has the ability to perform user authentication using a variety of methods,
such as RADIUS, LDAP, Active Directory SSO, and so on.

For the purposes of this book, we use local database authentication.

1. Click User Management

→

Local Users

→

New Local User.

Note: The rules used here are specific to our lab environment. Think carefully
about what rules will need to be used in your own environment, such as DNS,
DHCP, different subnets and hosts.