Authentication items perform authentication or authentication-related
functions, such as:
Verify credentials (or
a PIN or a token)
Check SSL certificate
Verify the result of
Perform accounting, and
An authentication item usually follows a logon item or another
authentication item in an access policy. An access policy can contain any number of
An administrator that configures authentication items can make these
Specify an AAA server
(or pool in cases where high availability is supported) against which to authenticate. Access Policy Manager (APM) supports many types of AAA servers.
Inspect the SSL
certificate presented during the initial SSL handshake, or specify on-demand certificate
authentication (to re-negotiate the SSL connection). On-demand authentication is not
supported in every type of access configuration.
Select a Certificate
Revocation Location (CRL) or Online Certificate Status Protocol (OCSP) responder for
verifying revocation status.
Other configuration objects must be created before
configuring an authentication item or before a particular type of authentication is fully
configured and working.