Describe Cisco Secure ACS

Describe Cisco Secure ACS

The Cisco Secure ACS is a server-based application offering a centralized user-access control strategy for the various access gateways to your network, as shown in Figure 4-1. Cisco Secure ACS supports the user Authentication, Authorization, and Accounting (AAA) features covered in the preceding chapter and is covered in several chapters pertaining to PIX firewalls.

Click To expand
Figure 4-1: Cisco Secure ACS with an NAS AAA client

ACS allows the administrator to manage user access for Cisco IOS routers, firewalls, Cisco Catalyst switches, and virtual private networks (VPNs), as well as newer technologies, such as dial-up and broadband DSL, cable access solutions, voice over IP (VoIP), Cisco wireless implementations, and third-party vendor Terminal Access Controller Access Control System Plus (TACACS+) offerings.

ACS is a strategic product at Cisco, incorporating new, advanced features as they become available to increase the diversity and granularity of implementations. Current support includes user and administrative access reporting, database synchronization and user importation tools, Lightweight Directory Access Protocol (LDAP) user authentication support, dynamic quota generation, restrictions such as time of day and day of week, and user and device group profiles.

CiscoSecure ACS for Windows and UNIX

There’s no exam or practical purpose for this chapter to include detailed steps for installing, reinstalling, and upgrading Cisco Secure ACS. The network OS, ACS version, and new install versus upgrade/reinstall variables make using the most recent instructions downloaded from Cisco’s site the only prudent solution.

Experience with installing server applications, careful reading of the correct installation instructions, and cautious progress can save you the hassle of having to start all over.

This section concentrates on system requirements and preparation that would be beneficial when you choose to install Cisco Secure ACS.

Part III: Virtual Private Networks (VPNs)