beautypg.com

Session policy, Session policy options – Cisco 3.3 User Manual

Page 482

background image

Chapter 12 Administrators and Administrative Policy

Session Policy

12-16

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Session Policy

The Session Policy feature controls various aspects of Cisco Secure ACS
administrative sessions.

This section contains the following topics:

Session Policy Options, page 12-16

Setting Up Session Policy, page 12-17

Session Policy Options

You can configure the following options on the Session Policy Setup page:

Session idle timeout (minutes)—Defines the time in minutes that an
administrative session, local or remote, must remain idle before Cisco Secure
ACS terminates the connection. This parameter applies to the Cisco Secure
ACS administrative session in the browser only. It does not apply to an
administrative dial-up session.

An administrator whose administrative session is terminated receives a dialog
box asking whether or not the administrator wants to continue. If the
administrator chooses to continue, Cisco Secure ACS starts a new
administrative session.

Allow Automatic Local Login—Enables administrators to start an
administrative session without logging in if they are using a browser on the
computer running Cisco Secure ACS. Such administrative sessions are
conducted using a default administrator account named “local_login”. The
local_login administrator account has all privileges. Local administrative
sessions with automatic local login are recorded in the Administrative Audit
report under the local_login administrator name.

Note

If there are no administrator accounts defined, no administrator name
and password are required to access Cisco Secure ACS locally. This
prevents you from accidentally locking yourself out of Cisco Secure
ACS.