Cisco Systems 3.3 Manual De Usuario
Chapter 2 Deployment Considerations
Basic Deployment Factors for Cisco Secure ACS
2-14
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Figure 2-8
Enterprise VPN Solution
For more information about implementing VPN solutions, see the reference guide
Remote Access Policy
Remote access is a broad concept. In general, it defines how the user can connect
to the LAN, or from the LAN to outside resources (that is, the Internet). There are
several ways this may occur. The methods include dial-in, ISDN, wireless bridges,
and secure Internet connections. Each method incurs its own advantages and
disadvantages, and provides a unique challenge to providing AAA services. This
closely ties remote access policies to the enterprise network topology. In addition
to the method of access, other decisions can also affect how Cisco Secure ACS is
deployed; these include specific network routing (access lists), time-of-day
access, individual restrictions on AAA client access, access control lists (ACLs),
and so on.
to the LAN, or from the LAN to outside resources (that is, the Internet). There are
several ways this may occur. The methods include dial-in, ISDN, wireless bridges,
and secure Internet connections. Each method incurs its own advantages and
disadvantages, and provides a unique challenge to providing AAA services. This
closely ties remote access policies to the enterprise network topology. In addition
to the method of access, other decisions can also affect how Cisco Secure ACS is
deployed; these include specific network routing (access lists), time-of-day
access, individual restrictions on AAA client access, access control lists (ACLs),
and so on.
Remote access policies can be implemented for employees who telecommute or
for mobile users who dial in over ISDN or public switched telephone network
(PSTN). Such policies are enforced at the corporate campus with Cisco Secure
ACS and the AAA client. Inside the enterprise network, remote access policies
can control wireless access by individual employees.
for mobile users who dial in over ISDN or public switched telephone network
(PSTN). Such policies are enforced at the corporate campus with Cisco Secure
ACS and the AAA client. Inside the enterprise network, remote access policies
can control wireless access by individual employees.
Internet
ISP
ISP
Tunnel
Tunnel
63493
VPN concentrator
Cisco Secure
Access Control
Server
Home office
Mobile
worker
worker