Okuqukethwe fihla
1 Cisco TACACS+ Secure Network Analytics
2 Isingeniso
3 Ukulungiselela
4 Izindima Zomsebenzisi Ziphelileview
5 Inqubo Iphelileview
6 Ukuxazulula inkinga
7 FAQ
8 Amadokhumenti / Izinsiza
8.1 Izithenjwa

I-Cisco-LOGO

Cisco TACACS+ Secure Network Analytics

I-Cisco-TACACS+-Secure-Network-Analytics-PRODUCT

Isingeniso

I-Terminal Access Controller Access-Control System (TACACS+) iyiphrothokholi esekela ukufakazela ubuqiniso nezinsizakalo zokugunyaza futhi ivumela umsebenzisi ukuthi afinyelele izinhlelo zokusebenza eziningi ngesethi eyodwa yokuqinisekisa. Sebenzisa imiyalelo elandelayo ukuze ulungiselele i-TACACS+ ye-Cisco Secure Network Analytics (okwakuyiwashi le-Stealth ngaphambilini).

Izilaleli
Izithameli ezihlosiwe zalo mhlahlandlela zihlanganisa abalawuli benethiwekhi nabanye abasebenzi abanomthwalo wemfanelo wokufaka nokulungisa imikhiqizo ye-Secure Network Analytics. Uma ukhetha ukusebenza nesifaki esiphrofeshinali, sicela uxhumane ne-Cisco Partner yangakini noma uthinte I-Cisco Support.

Amagama
Lo mhlahlandlela usebenzisa igama elithi "insiza" kunoma yimuphi umkhiqizo we-Secure Network Analytics, okuhlanganisa imikhiqizo ebonakalayo efana ne-Cisco Secure Network Analytics Flow Sensor Virtual Edition. “Iqoqo” iqembu lakho lezinto zikagesi ze-Secure Network Analytics eziphethwe Umphathi we-Cisco Secure Network Analytics (owayekade eyi-Steal thwatch Management Console noma i-SMC).

Ku-v7.4.0 senze kabusha imikhiqizo yethu yewashi le-Cisco Stealth Enterprise yaba yi-Cisco Secure Network Analytics. Ukuze uthole uhlu oluphelele, bheka Amanothi Okukhishwa. Kulo mhlahlandlela, uzobona igama lomkhiqizo wethu wangaphambilini wewashi le-Stealth, elisetshenziswa noma nini lapho kudingeka ukuze kugcinwe ukucaca, kanye namagama afana ne-Stealth watch Management Console kanye ne-SMC.

Ukuhambisana
Ukuze uthole ukuqinisekiswa kwe-TACACS+ nokugunyazwa, qiniseka ukuthi bonke abasebenzisi bangena ngoMphathi. Ukuze ungene entweni esebenza ngokuqondile futhi usebenzise I-Appliance Administration, ngena endaweni yangakini. Izici ezilandelayo azitholakali uma i-TACACS+ inikwe amandla: I-FIPS, Imodi Yokuthobela.

Ukuphathwa Kwempendulo
Ukuphathwa Kwempendulo kulungiselelwe kuMphathi wakho. Ukuze uthole izexwayiso ze-imeyili, imibiko ehleliwe, njll. qiniseka ukuthi umsebenzisi ulungiselelwe njengomsebenzisi wendawo kuMphathi. Iya kokuthi Lungiselela > Ukuthola > Ukulawulwa Kwezimpendulo, bese ubhekisela kokuthi Usizo ukuze uthole imiyalelo.

I-Failover
Sicela uqaphele ulwazi olulandelayo uma ulungiselele Abaphathi bakho njengokubhanqwa kwe-failiver:

  • I-TACACS+ itholakala kuphela kuMphathi oyinhloko. I-TACACS+ ayisekelwe kuMphathi wesibili.
  • Uma i-TACACS+ ilungiselelwe kuMphathi oyinhloko, ulwazi lomsebenzisi we-TACACS+ alutholakali kuMphathi wesibili. Ngaphambi kokuthi usebenzise izinsizakalo zokuqinisekisa zangaphandle ezimisiwe kuMphathi wesibili, udinga ukukhuphula Umphathi wesibili ukuya kweyinhloko.
  • Uma ukhuphulela Umphathi wesibili kuya kokuyinhloko:
  • Nika amandla i-TACACS+ kanye nokugunyazwa okukude kuMphathi wesibili.
  • Noma yibaphi abasebenzisi bangaphandle abangene kuMphathi oyinhloko owehlisiwe bazokhishwa.
  • Umphathi wesibili akayigcini idatha yomsebenzisi evela kuMphathi oyinhloko, ngakho-ke noma iyiphi idatha elondolozwe kuMphathi oyinhloko ayitholakali kuMphathi oyinhloko (onyusiwe) omusha.
  • Uma umsebenzisi wesilawuli kude engene kuMphathi oyinhloko omusha okokuqala ngqa, uhla lwemibhalo lomsebenzisi luzokwenziwa futhi idatha ilondolozwe ukuya phambili.
  • Review Imiyalo ye-Failover: Ukuze uthole ulwazi olwengeziwe, bheka ku-Failover Configuration Guide.

Ukulungiselela

Ungakwazi ukumisa i-TACACS+ ku-Cisco Identity Services Engine (ISE). Sincoma ukusebenzisa i-Cisco Identity Services Engine (ISE) ukuze kuqinisekiswe indawo eyodwa nokugunyazwa. Nokho, ungase futhi usebenzise iseva ezimele ye-TACACS+ noma uhlanganise noma iyiphi enye iseva yokuqinisekisa ehambisanayo ngokuya ngezidingo zakho ezithile.

Qiniseka ukuthi unakho konke okudingayo ukuze uqale ukumisa.

Imfuneko Imininingwane
I-Cisco Identity Services Engine (ISE) Faka futhi ulungiselele i-ISE usebenzisa imiyalo eku- Imibhalo ye-ISE ye injini yakho.Uzodinga ikheli lasesizindeni se-inthanethi, imbobo, kanye nokhiye oyimfihlo owabiwe ukuze ucushwe. Uzodinga futhi ilayisensi Yokuphatha Idivayisi.
Iseva ye-TACACS+ Uzodinga ikheli le-IP, imbobo, kanye nokhiye oyimfihlo owabiwe ukuze ucushwe.
Iklayenti ledeskithophu Uzosebenzisa Iklayenti Ledeskithophu kulokhu kulungiselelwa uma ufuna ukusebenzisa izindima zedeskithophu yangokwezifiso. Ukufaka iKlayenti ledeskithophu, bheka ku I-Cisco Secure Network Analytics Umhlahlandlela Wokucushwa Kwesistimu olufana nenguqulo yakho ye-Secure Network Analytics.

Izindima Zomsebenzisi Ziphelileview

Lo mhlahlandlela uhlanganisa imiyalelo yokumisa abasebenzisi bakho be-TACACS+ ukuze bagunyazwe ukude nokugunyazwa. Ngaphambi kokuthi uqale ukucushwa, phindaview imininingwane ekulesi sigaba ukuze uqinisekise ukuthi ulungiselela abasebenzisi bakho ngendlela efanele.

Ilungiselela Amagama Omsebenzisi
Ukuze uthole ukuqinisekiswa okukude nokugunyazwa, ungamisa abasebenzisi bakho ku-ISE. Ukuze uthole ukuqinisekiswa kwendawo nokugunyazwa, lungiselela abasebenzisi bakho kuMphathi.

  • Kude: Ukuze ulungiselele abasebenzisi bakho ku-ISE, landela imiyalo kulo mhlahlandlela wokucushwa.
  • Indawo: Ukuze ulungiselele abasebenzisi bakho endaweni kuphela, ngena kuMphathi. Kumenyu enkulu, khetha okuthi Lungiselela > Umhlaba jikelele > Ukuphathwa komsebenzisi. Khetha Usizo ukuze uthole imiyalelo.

Amagama Abasebenzisi Azwelayo
Uma ulungiselela abasebenzisi berimothi, nika amandla ukuzwela kwekesi kuseva yesilawuli kude. Uma unganiki amandla ukuzwela kwekesi kuseva ekude, abasebenzisi bangase bangakwazi ukufinyelela idatha yabo lapho bengena ku-Secure Network Analytics.

Amagama Omsebenzisi Ayimpinda

  • Kungakhathaliseki ukuthi ulungisa amagama abasebenzisi ukude (ku-ISE) noma endaweni (kuMphathi), qiniseka ukuthi wonke amagama abasebenzisi ahlukile. Asincomi ukuphinda amagama abasebenzisi kuwo wonke amaseva akude kanye ne-Secure Network Analytics.
  • Uma umsebenzisi engena kuMphathi, futhi unegama lomsebenzisi elifanayo elilungiselelwe kokuthi Secure Network Analytics kanye ne-ISE, bazofinyelela kuphela idatha yabo yendawo yoMphathi/Vikela Inethiwekhi Yezibalo. Abakwazi ukufinyelela idatha yabo ye-TACACS+ ekude uma igama labo lomsebenzisi liyimpinda.

Izinguqulo Zangaphambilini

  • Uma ulungiselele i-TACACS+ kunguqulo yangaphambilini ye-Cisco Secure Network Analytics (Steal thwatch v7.1.1 nangaphambili), qiniseka ukuthi udala abasebenzisi abasha abanamagama ahlukile e-v7.1.2 nakamuva. Asincomi ukusebenzisa noma ukuphinda amagama abasebenzisi ezinguqulweni zangaphambili ze-Secure Network Analytics.
  • Ukuze uqhubeke nokusebenzisa amagama abasebenzisi adalwe ku-v7.1.1 nangaphambilini, sincoma ukuthi uwashintshe abe sendaweni kuphela kuMphathi wakho oyinhloko kanye neKlayenti ledeskithophu. Bheka Usizo ukuze uthole imiyalelo.

Ilungiselela Identity Groups and Users
Ukuze uthole ukungena ngemvume komsebenzisi ogunyaziwe, uzobeka i-shell profiles kubasebenzisi bakho. Ngochwepheshe ngamunye wegobolondofile, ungabela indima yomphathi oyinhloko noma udale inhlanganisela yezindima ezingezona ezokuphatha. Uma wabela indima Yomphathi Oyinhloko kuchwepheshe wegobolondofile, azikho izindima ezengeziwe ezivunyelwe. Uma udala inhlanganisela yezindima okungezona ezokuphatha, qiniseka ukuthi ihlangabezana nezidingo.

Iqhaza Lokuphatha Eliyinhloko
Umphathi Oyinhloko angakwazi view konke ukusebenza futhi ushintshe noma yini. Uma wabela indima Yomphathi Oyinhloko kuchwepheshe wegobolondofile, azikho izindima ezengeziwe ezivunyelwe.

Iqhaza Isibaluli senani
Umlawuli Oyinhloko cisco-stealth watch-master-admin

Inhlanganisela Yezindima Ezingezona Abaphathi
Uma udala inhlanganisela yezindima ezingezona ezokuphatha zeshell yakho profile, qiniseka ukuthi ihlanganisa okulandelayo:

  • 1 indima yedatha (kuphela)
  • 1 noma ngaphezulu Web indima
  • 1 noma ngaphezulu indima Yeklayenti Ledeskithophu

Ukuze uthole imininingwane, bheka ithebula Lamanani Esibaluli.

Uma wabela indima Yomphathi Oyinhloko kuchwepheshe wegobolondofile, azikho izindima ezengeziwe ezivunyelwe. Uma udala inhlanganisela yezindima okungezona ezokuphatha, qiniseka ukuthi ihlangabezana nezidingo.

Sibaluli Amanani
Ukuze uthole ulwazi olwengeziwe mayelana nohlobo ngalunye lwendima, chofoza isixhumanisi kukholomu Yezindima Ezidingekayo.

Izindima Ezidingekayo Isibaluli senani
1 indima yedatha (kuphela)
  •  iwashi le-cisco-stealth-yonke-idatha-funda futhi ubhale
  • Cisco-stealth watch-yonke-data-read-only
1 noma ngaphezulu Web indima
  • cisco-stealth watch-configuration-manager
  • cisco-stealth watch-power-analyst
  • cisco-stealth watch-analyst
1 noma ngaphezulu indima Yeklayenti Ledeskithophu
  • cisco-stealth watch-desktop-stealth watch-power-user
  • cisco-stealth watch-desktop-configuration-manager
  • cisco-stealth watch-desktop-network-engineer
  • cisco-stealth watch-desktop-security-analyst

Isifinyezo Sezindima
Sinikeze isifinyezo sendima ngayinye kumathebula alandelayo. Ukuze uthole ulwazi olwengeziwe mayelana nezindima zabasebenzisi ku-Secure Network Analytics, kabushaview ikhasi Lokuphatha Umsebenzisi kokuthi Usizo.

Izindima Zedatha
Qiniseka ukuthi ukhetha indima eyodwa kuphela yedatha.

Iqhaza Ledatha Izimvume
 

Yonke Idatha (Funda Kuphela)

 Umsebenzisi angakwazi view idatha kunoma yisiphi isizinda noma iqembu lomsingathi, noma kunoma iyiphi into esetshenziswayo noma idivayisi, kodwa ayikwazi ukwenza noma yikuphi ukucupha.
 

Yonke Idatha (Funda futhi Ubhale)

 Umsebenzisi angakwazi view futhi ulungise idatha kunoma isiphi isizinda noma iqembu lokusingatha, noma kunoma iyiphi into esetshenziswayo noma idivayisi.

Umsebenzi othize (ukusesha kokugeleza, ukuphathwa kwenqubomgomo, ukuhlukaniswa kwenethiwekhi, njll.) umsebenzisi angakwazi view kanye/noma ukulungisa kunqunywa okomsebenzisi web indima.

Web Izindima

Web Iqhaza Izimvume
Power Analyst I-Power Analyst ingenza uphenyo lokuqala lwethrafikhi nokugeleza kanye nokulungiselela izinqubomgomo namaqembu abasingathi.
Umphathi Wokucushwa I-Configuration Manager ingakwazi view ukusebenza okuhlobene nokucushwa.
Umhlaziyi Umhlaziyi angenza uphenyo lokuqala mayelana nethrafikhi nokugeleza.

Izindima Zeklayenti Ledeskithophu

Web Iqhaza Izimvume
Umphathi Wokucushwa I-Configuration Manager ingakwazi view zonke izinto zemenyu futhi ulungiselele zonke izinto zikagesi, amadivayisi, nezilungiselelo zesizinda.
Unjiniyela Wenethiwekhi Unjiniyela Wenethiwekhi angakwazi view zonke izinto zemenyu ezihlobene nethrafikhi ngaphakathi Kweklayenti Ledeskithophu, faka i-alamu namanothi okusingatha, futhi wenze zonke izenzo ze-alamu, ngaphandle kokunciphisa.
Umhlaziyi Wezokuphepha Umhlaziyi Wezokuphepha angakwazi view zonke izinto zemenyu ezihlobene nokuvikeleka, faka i-alamu namanothi okusingatha, futhi wenze zonke izenzo ze-alamu, okuhlanganisa ukunciphisa.
Vikela Umsebenzisi Wamandla Wezibalo Zenethiwekhi I-Secure Network Analytics Power User can view zonke izinto zemenyu, yazisa ama-alamu, bese wengeza i-alamu namanothi okusingatha, kodwa ngaphandle kwekhono lokushintsha noma yini.

Inqubo Iphelileview

Ungakwazi ukumisa i-Cisco ISE ukuhlinzeka nge-TACACS+. Ukuze ulungiselele ngempumelelo izilungiselelo ze-TACACS+ futhi ugunyaze i-TACACS+ kokuthi Secure Network Analytics, qiniseka ukuthi ugcwalisa izinqubo ezilandelayo:

Lungiselela i-TACACS+ ku-ISE
Sebenzisa le miyalelo elandelayo ukuze ulungiselele i-TACACS+ ku-ISE. Lokhu kulungiselelwa kwenza abasebenzisi bakho be-TACACS+ abakude ku-ISE bakwazi ukungena ku-Secure Network Analytics.

Ngaphambi kokuthi Uqale
Ngaphambi kokuthi uqale le miyalo, faka futhi ulungiselele i-ISE usebenzisa imiyalo emibhalweni ye-ISE yenjini yakho. Lokhu kuhlanganisa ukuqinisekisa ukuthi izitifiketi zakho zimiswe ngendlela efanele.

Amagama Abasebenzisi

  • Kungakhathaliseki ukuthi ulungisa amagama abasebenzisi ukude (ku-ISE) noma endaweni (kuMphathi), qiniseka ukuthi wonke amagama abasebenzisi ahlukile. Asincomi ukuphinda amagama abasebenzisi kuwo wonke amaseva akude kanye ne-Secure Network Analytics.
  • Amagama Omsebenzisi Ayimpinda: Uma umsebenzisi engena kuMphathi, futhi unegama lomsebenzisi elifanayo elilungiselelwe kokuthi Secure Network Analytics kanye ne-ISE, bazofinyelela kuphela kuMphathi wabo wendawo/Inethiwekhi Evikelekile.
  • Idatha yezibalo. Abakwazi ukufinyelela idatha yabo ye-TACACS+ ekude uma igama labo lomsebenzisi liyimpinda.
  • Amagama Omsebenzisi Azwelayo: Uma ulungiselela abasebenzisi abakude, vumela ukuzwela kwekesi kuseva ekude. Uma unganiki amandla ukuzwela kwekesi kuseva ekude, abasebenzisi bangase bangakwazi ukufinyelela idatha yabo lapho bengena ku-Secure Network Analytics.

Izindima Zomsebenzisi
Ngochwepheshe ngamunye we-TACACS+file ku-ISE, ungabela indima yomlawuli oyinhloko noma udale inhlanganisela yezindima ezingezona ezokuphatha.

Uma wabela indima Yomphathi Oyinhloko kuchwepheshe wegobolondofile, azikho izindima ezengeziwe ezivunyelwe. Uma udala inhlanganisela yezindima okungezona ezokuphatha, qiniseka ukuthi ihlangabezana nezidingo. Ukuze uthole ulwazi olwengeziwe mayelana nezindima zabasebenzisi, bheka ku-User Roles Overview.

Nika amandla Ukuphathwa Kwedivayisi ku-ISE
Sebenzisa le miyalelo elandelayo ukwengeza insiza ye-TACACS+ ku-ISE.

  1. Ngena ngemvume ku-ISE yakho njengomphathi.
  2. Khetha Izikhungo Zokusebenza > Ukulawulwa Kwedivayisi > Ngaphezuluview.
    Uma Ukuphathwa Kwedivayisi kungaboniswa Ezikhungweni Zomsebenzi, hamba kokuthi Uhlelo Lokuphatha > Ukunikeza Ilayisense. Esigabeni sokulayisensa, qinisekisa ukuthi ilayisensi yokuphatha idivayisi iyaboniswa. Uma ingaboniswa, engeza ilayisense ku-akhawunti yakho.
  3.  Khetha Ukuthunyelwa.I-Cisco-TACACS+-Secure-Network-Analytics- (1)
  4. Khetha Wonke AmaNode Wesevisi Yenqubomgomo noma AmaNodi Akhethekile.
  5. Emkhakheni Wezimbobo ze-TACACS, faka u-49. I-Cisco-TACACS+-Secure-Network-Analytics- (2)
  6. Chofoza Londoloza.

 Dala i-TACACS+ Profiles
Sebenzisa imiyalelo elandelayo ukuze wengeze i-TACACS+ shell profiles kuya ku-ISE. Uzophinda usebenzise le miyalo ukuze unikeze izindima ezidingekayo ku-shell profile.

  1. Khetha Izikhungo Zokusebenza > Ukuphathwa Kwedivayisi > Izinto Zenqubomgomo.
  2. Khetha Imiphumela > I-TACACS Profiles.
  3. Chofoza Engeza.
  4. Esigabeni seGama, faka igama lomsebenzisi eliyingqayizivele.
    Ukuze uthole imininingwane mayelana namagama abasebenzisi bheka ku-User Roles Overview. I-Cisco-TACACS+-Secure-Network-Analytics- (3)
  5. Kokudonsela phansi Kohlobo Lomsebenzi Ovamile, khetha u-Shell.
  6. Esigabeni Sezimfanelo Ngokwezifiso, chofoza Engeza.
  7. Esigabeni esithi Uhlobo, khetha Okuphoqelekile.
  8. Esigabeni seGama, faka indima.
  9. Esigabeni senani, faka inani lesibaluli Somlawuli Oyinhloko noma yakha inhlanganisela yezindima ezingezona ezomlawuli.
    • Londoloza: Chofoza isithonjana esithi Hlola ukuze ulondoloze indima.
    • Inhlanganisela Yezindima Ezingezona Ezomphathi: Uma udala inhlanganisela yezindima ezingezona ezokuphatha, phinda izinyathelo 5 kuya ku-8 uze ungeze umugqa wendima ngayinye edingekayo (Indima yedatha, Web indima, kanye neqhaza Leklayenti Ledeskithophu).

I-Cisco-TACACS+-Secure-Network-Analytics- (4)

Iqhaza Lokuphatha Eliyinhloko
Umphathi Oyinhloko angakwazi view konke ukusebenza futhi ushintshe noma yini. Uma wabela indima Yomphathi Oyinhloko kuchwepheshe wegobolondofile, azikho izindima ezengeziwe ezivunyelwe.

Iqhaza Isibaluli senani
Umlawuli Oyinhloko cisco-stealth watch-master-admin

Inhlanganisela Yezindima Ezingezona Abaphathi

Uma udala inhlanganisela yezindima ezingezona ezokuphatha zeshell yakho profile, qiniseka ukuthi ihlanganisa okulandelayo:

  • 1 Indima yedatha (kuphela): qiniseka ukuthi ukhetha indima eyodwa kuphela yedatha
  • 1 noma ngaphezulu Web indima
  • 1 noma ngaphezulu indima Yeklayenti Ledeskithophu
Izindima Ezidingekayo Isibaluli senani
 

1 indima yedatha (kuphela)
  • iwashi le-cisco-stealth-yonke-idatha-funda futhi ubhale
  • Cisco-stealth watch-yonke-data-read-only
 

1 noma ngaphezulu Web indima
  • cisco-stealth watch-configuration-manager
  • cisco-stealth watch-power-analyst
  • cisco-stealth watch-analyst
 

1 noma ngaphezulu indima Yeklayenti Ledeskithophu
  • cisco-stealth watch-desktop-stealth watch-power-user
  • cisco-stealth watch-desktop-configuration-manager
  • cisco-stealth watch-desktop-network-engineer
  • cisco-stealth watch-desktop-security-analyst

Uma wabela indima Yomphathi Oyinhloko kuchwepheshe wegobolondofile, azikho izindima ezengeziwe ezivunyelwe. Uma udala inhlanganisela yezindima okungezona ezokuphatha, qiniseka ukuthi ihlangabezana nezidingo.

Chofoza Londoloza.

  1. Phinda izinyathelo kokuthi 2. Dala i-TACACS+ Profiles ukwengeza noma iyiphi i-TACACS+ igobolondo elingeziwefiles kuya ku-ISE.

Ngaphambi kokuthi uqhubekele ku-3. I-Map Shell Profiles kumaQembu noma Abasebenzisi, udinga ukudala Abasebenzisi, Iqembu Lokuhlonza Umsebenzisi (ongakukhetha), kanye namasethi omyalo we-TACACS+. Ukuze uthole imiyalelo yokuthi ungabakha kanjani Abasebenzisi, I-User Identity Group, namasethi womyalo we-TACACS+, bheka imibhalo ye-ISE yenjini yakho.

 Imephu Shell Profiles kumaQembu noma Abasebenzisi
Sebenzisa imiyalelo elandelayo ukuze wenze imephu ye-shell pro yakhofiles emithethweni yakho yokugunyazwa.

  1. Khetha Izikhungo Zokusebenza > Ukuphathwa Kwedivayisi > Izilungiselelo Zenqubomgomo Yokulawula Idivayisi.
  2. Thola igama lesethi yenqubomgomo yakho. Chofoza u- I-Cisco-TACACS+-Secure-Network-Analytics- (5)Isithonjana somcibisholo.
  3. Thola inqubomgomo yakho yokugunyazwa. Chofoza u-I-Cisco-TACACS+-Secure-Network-Analytics- (5)Isithonjana somcibisholo.
  4. Chofoza isithonjana esithi + Plus.I-Cisco-TACACS+-Secure-Network-Analytics- (6)
  5. Enkambini yeZimo, chofoza isithonjana + Plus. Lungiselela izimo zenqubomgomo.
    • I-User Identity Group: Uma ulungiselele i-ID yeqembu lomsebenzisi, ungakha isimo esifana nokuthi "Internal User.Identity Group".
      Okwesiboneloample, “Umsebenzisi Wangaphakathi. I-Identity Group EQUALS ” ukuze ufane neqembu elithile lomazisi lomsebenzisi.
    • Umsebenzisi Ngamunye: Uma ulungiselele umsebenzisi oyedwa, ungakha umbandela njengokuthi "Umsebenzisi Wangaphakathi. Igama".
      Okwesiboneloample, “Umsebenzisi Wangaphakathi. Igama EQUALS ” ukufanisa umsebenzisi othile.
      Usizo: Ukuze uthole imiyalo Yesitudiyo Semibandela, chofoza okuthi ? Isithonjana sosizo.
  6. KuShell Profiles, khetha i-shell profile udale ngo-2. Dala i-TACACS+ Profiles.
  7. Phinda izinyathelo ku-3. I-Map Shell Profiles kumaqembu noma Abasebenzisi uze wenze imephu yonke i-shell profiles emithethweni yakho yokugunyazwa.

Engeza i-Secure Network Analytics njengedivayisi yenethiwekhi

  1. Khetha Ukuphatha > Izinsiza Zenethiwekhi > Amadivayisi Enethiwekhi.
  2. Khetha Amadivayisi Enethiwekhi, chofoza okuthi +Engeza.
  3. Qedela ulwazi loMphathi wakho oyinhloko, kuhlanganise nezinkambu ezilandelayo:
    • Igama: Faka igama loMphathi wakho.
    • Ikheli lasesizindeni se-inthanethi: Faka ikheli le-IP yesiphathi.
    • Imfihlo eyabiwe: Faka ukhiye oyimfihlo okwabelwana ngawo.
  4. Chofoza Londoloza.
  5. Qinisekisa ukuthi idivayisi yenethiwekhi ilondolozwe kuhlu lwamadivayisi enethiwekhi.I-Cisco-TACACS+-Secure-Network-Analytics- (7)
  6. Iya kokuthi 2. Nika amandla ukugunyazwa kwe-TACACS+ kokuthi Secure Network Analytics.

Nika amandla i-TACACS+ Ukugunyazwa kokuthi Secure

Izibalo Zenethiwekhi
Sebenzisa imiyalelo elandelayo ukuze ungeze iseva ye-TACACS+ kokuthi Vikela Izibalo Zenethiwekhi futhi unike amandla ukugunyazwa okukude.
Umphathi Oyinhloko kuphela ongangeza iseva ye-TACACS+ kokuthi Secure Network Analytics.
Ungakwazi ukwengeza iseva eyodwa kuphela ye-TACACS+kusevisi yokuqinisekisa ye-TACACS+.

  1. Ngena ngemvume kuMphathi wakho oyinhloko.
  2. Kumenyu enkulu, khetha okuthi Lungiselela > Umhlaba jikelele > Ukuphathwa komsebenzisi.
  3. Chofoza ithebhu yokuqinisekisa nokugunyaza.
  4. Chofoza okuthi Dala. Khetha Isevisi Yokuqinisekisa.
  5. Chofoza ukudonsela phansi kwesevisi yokuqinisekisa. Khetha i-TACACS+.
  6. Qedela izinkambu:
    Inkambu Amanothi
    Isevisi yokuqinisekisa
    Igama Faka igama eliyingqayizivele ukuze uhlonze iseva.
    Incazelo Faka incazelo ecacisa ukuthi iseva isetshenziswa kanjani noma kungani.
    Isikhathi Sokuphela Kwenqolobane (Amasekhondi) Inani lesikhathi (kumasekhondi) igama lomsebenzisi noma iphasiwedi ethathwa njengevumelekile ngaphambi kokuthi I-Secure Network Analytics idinga ukuphinda kufakwe ulwazi.
    Isiqalo Le nkambu uyazikhethela. Iyunithi yezinhlamvu yesiqalo ibekwa ekuqaleni kwegama lomsebenzisi lapho igama lithunyelwa kuseva ye-RADIUS noma ye-TACACS+. Okwesiboneloample, uma igama lomsebenzisi lingu zoe futhi isiqalo sombuso sithi DOMAIN-
    A\, igama lomsebenzisi DOMAIN-A\zoe lithunyelwa kuseva. Uma ungayilungisi inkambu Yesiqalo, igama lomsebenzisi kuphela elithunyelwa kuseva.
    Isijobelelo Le nkambu uyazikhethela. Iyunithi yezinhlamvu zesijobelelo ibekwe ekugcineni kwegama lomsebenzisi. Okwesiboneloample, uma isijobelelo siyi  mydomain.com, igama lomsebenzisi zoe@mydomain.com ithunyelwa kuseva ye-TACACS+. Uma ungayilungisi inkambu yesijobelelo, igama lomsebenzisi kuphela elithunyelwa kuseva.
    Iseva
    Ikheli le-IP Sebenzisa amakheli e-IPv4 noma e-IPv6 lapho ulungiselela amasevisi okuqinisekisa.
    Itheku Faka noma yiziphi izinombolo ezisuka ku-0 kuye ku-65535 ezihambisana nembobo esebenzayo.
    Ukhiye Oyimfihlo Faka ukhiye oyimfihlo owalungiselelwa iseva esebenzayo.
  7.  Chofoza Londoloza.
    Iseva entsha ye-TACACS+ iyengezwa, kanye nolwazi lwezibonisi zeseva.
  8.  Chofoza imenyu ye-Actions yeseva ye-TACACS+.
  9. Khetha okuthi Nika amandla ukugunyazwa kwesilawuli kude kumenyu yokudonsela phansi.
  10. Landela imiyalo esesikrinini ukuze unike amandla i-TACACS+.

Hlola i-TACACS+ yesilawuli kude sokungena komsebenzisi
Sebenzisa imiyalelo elandelayo ukuze ungene kuMphathi. Ukuze uthole ukugunyazwa okukude kwe-TACACS+, qiniseka ukuthi bonke abasebenzisi bangena ngoMphathi.

Ukuze ungene entweni esebenza ngokuqondile futhi usebenzise I-Appliance Administration, ngena endaweni yangakini.

  1. Emkhakheni wamakheli wesiphequluli sakho, bhala lokhu okulandelayo: https://okulandelwa ikheli le-IP loMphathi wakho.
  2. Faka igama lomsebenzisi nephasiwedi yomsebenzisi okude we-TACACS+.
  3. Uma umsebenzisi engakwazi ukungena kuMphathi, phindaview ingxenye yokuxazulula izinkinga.

Ukuxazulula inkinga

Uma uhlangabezana nanoma yisiphi salezi zimo zokuxazulula inkinga, xhumana nomlawuli wakho ukuze uphindeview ukucushwa okunezixazululo esizinikeze lapha. Uma umlawuli wakho engakwazi ukuxazulula izinkinga, sicela uthinte I-Cisco Support.

Izimo

Isimo Amanothi
Umsebenzisi othize we-TACACS+ akakwazi ukungena ngemvume
  •  Review i-Audit Log yokwehluleka kokungena komsebenzisi nge Imephu Engekho emthethweni or Akuvumelekile Inhlanganisela Yezindima. Lokhu kungenzeka uma igobolondo leqembu lomazisifile ihlanganisa Umlawuli Oyinhloko nezindima ezengeziwe, noma uma inhlanganisela yezindima ezingezona ezokuphatha ingahlangabezani nezimfuneko. Bukela ku Izindima Zomsebenzisi Kuphelileview ukuze uthole imininingwane.
  •  Qiniseka ukuthi igama lomsebenzisi we-TACACS+ alifani negama lomsebenzisi lendawo (Secure Network Analytics). Bukela ku Izindima Zomsebenzisi Ziphelileview ukuze uthole imininingwane.
Bonke abasebenzisi be-TACACS+ abakwazi ukungena ngemvume
  •  Hlola ukulungiselelwa kwe-TACACS+ kokuthi Secure Network Analytics.
  •  Hlola ukucushwa kuseva ye-TACACS+.
  •  Qiniseka ukuthi iseva ye-TACACS+ iyasebenza.
  •  Qiniseka ukuthi isevisi ye-TACACS+ inikwe amandla ku-Secure Network Analytics:
  •  Kungaba neziphakeli eziningi zokuqinisekisa ezichazwe, kodwa eyodwa kuphela enganikwa amandla ukuze igunyazwe. Bukela ku 2. Nika amandla i-TACACS+ Ukugunyazwa ku Vikela Izibalo Zenethiwekhi ukuze uthole imininingwane.
  •  Ukuze unike amandla ukugunyazwa kweseva ethile ye-TACACS+, bheka 2. Vumela I-TACACS+ Ukugunyazwa kokuthi Secure Izibalo Zenethiwekhi ukuze uthole imininingwane.
 

Uma umsebenzisi engena, angakwazi ukufinyelela kuphela Umphathi endaweni

 Uma umsebenzisi ekhona onegama lomsebenzisi elifanayo kokuthi Secure Network Analytics (yasendaweni) kanye neseva ye-TACACS+ (ekude), ukungena ngemvume kwasendaweni kukhipha ukungena ngemvume kwesilawuli kude. Bukela ku Izindima Zomsebenzisi Ziphelileview ukuze uthole imininingwane.

Ixhumana Nosekelo
Uma udinga ukwesekwa kobuchwepheshe, sicela wenze okukodwa kokulandelayo:

Shintsha Umlando

Inguqulo Yedokhumenti Usuku Lokushicilela Incazelo
1_0 Agasti 21, 2025 Uhlobo lokuqala.

Ulwazi Lwelungelo Lobunikazi
I-Cisco kanye nelogo ye-Cisco yizimpawu zokuthengisa noma izimpawu zokuthengisa ezibhalisiwe ze-Cisco kanye/noma izinhlaka zayo e-US nakwamanye amazwe. Kuya view uhlu lwezimpawu zokuthengisa ze-Cisco, hamba kulokhu URL: https://www.cisco.com/go/trademarks. Izimpawu zokuthengisa zezinkampani zangaphandle ezishiwo ziyimpahla yabanikazi bazo. Ukusetshenziswa kwegama elithi uzakwethu akusho ubudlelwano bokusebenzisana phakathi kweCisco nanoma iyiphi enye inkampani. (1721R)

© 2025 Cisco Systems, Inc. kanye/noma amanxusa ayo. Wonke Amalungelo Agodliwe.

FAQ

Ingabe i-TACACS+ ingasetshenziswa ne-Compliance Mode enikwe amandla?

Cha, ukuqinisekiswa kwe-TACACS+ nokugunyazwa akusekeli Imodi Yokuthobela. Qinisekisa ukuthi i-Compliance Mode ivaliwe uma usebenzisa i-TACACS+.

Amadokhumenti / Izinsiza

Cisco TACACS+ Secure Network Analytics [pdf] Umhlahlandlela Womsebenzisi
7.5.3, I-TACACS Secure Network Analytics, TACACS, Secure Network Analytics, Network Analytics, Analytics

Izithenjwa

Shiya amazwana

Ikheli lakho le-imeyili ngeke lishicilelwe. Izinkambu ezidingekayo zimakiwe *