The Cisco Secure ACS is a server-based application offering a centralized user-access control strategy for the various access gateways to your network, as shown in Figure 4-1. Cisco Secure ACS supports the user Authentication, Authorization, and Accounting (AAA) features covered in the preceding chapter and is covered in several chapters pertaining to PIX firewalls.
ACS allows the administrator to manage user access for Cisco IOS routers, firewalls, Cisco Catalyst switches, and virtual private networks (VPNs), as well as newer technologies, such as dial-up and broadband DSL, cable access solutions, voice over IP (VoIP), Cisco wireless implementations, and third-party vendor Terminal Access Controller Access Control System Plus (TACACS+) offerings.
ACS is a strategic product at Cisco, incorporating new, advanced features as they become available to increase the diversity and granularity of implementations. Current support includes user and administrative access reporting, database synchronization and user importation tools, Lightweight Directory Access Protocol (LDAP) user authentication support, dynamic quota generation, restrictions such as time of day and day of week, and user and device group profiles.
There’s no exam or practical purpose for this chapter to include detailed steps for installing, reinstalling, and upgrading Cisco Secure ACS. The network OS, ACS version, and new install versus upgrade/reinstall variables make using the most recent instructions downloaded from Cisco’s site the only prudent solution.
Experience with installing server applications, careful reading of the correct installation instructions, and cautious progress can save you the hassle of having to start all over.
This section concentrates on system requirements and preparation that would be beneficial when you choose to install Cisco Secure ACS.