Chapter Summary
This chapter discussed Cisco Secure ACS for Windows and Cisco Secure ACS for UNIX. The following list identifies important points that were described for each of these management products:
-
Cisco Secure ACS for Windows has the following characteristics:
-
Runs as a service on Windows NT or 2000 Server.
-
Authenticates using TACACS+ or RADIUS.
-
Cisco NAS, PIX, VPN 3000 or routers can authenticate against Cisco Secure ACS for Windows.
-
Can use usernames and passwords in the Windows NT or 2000 user database, ACS user database, token server, or NDS.
-
Installation is similar to other Windows applications (InstallShield).
-
Management is done via a web browser.
-
Supports distributed ACS systems.
-
With a remote security server for AAA, the server performs AAA, enabling easier management.
-
TACACS+, RADIUS, and Kerberos are the security server protocols supported by Cisco.
-
Troubleshooting tools include debug commands for TACACS+.
-
-
Cisco Secure ACS for UNIX has the following characteristics:
-
Provides AAA security for enterprise networks.
-
Supports both TACACS+ and RADIUS.
-
Uses the Sybase SQLAnywhere database by default and can interface with Sybase Enterprise SQL and Oracle Enterprise databases.
-
Customers can upgrade any 2.x version of Cisco Secure ACS for UNIX to the most current release.
-
Is easy to install and has a web-based GUI.
-
RADIUS databases can be imported into Cisco Secure ACS for UNIX.
-