Cisco Systems CSACS3415K9 Manual De Usuario

C H A P T E R

2-1

User Guide for Cisco Secure Access Control System 5.4

OL-26225-01

Migrating from ACS 4.x to ACS 5.4

ACS 4.x stores policy and authentication information, such as TACACS+ command sets, in the user and
user group records. In ACS 5.4, policy and authentication information are independent shared
components that you use as building blocks when you configure policies.

The most efficient way to make optimal use of the new policy model is to rebuild policies by using the
building blocks, or policy elements, of the new policy model. This method entails creating appropriate
identity groups, network device groups (NDGs), conditions, authorization profiles, and rules.

ACS 5.4 provides a migration utility to transfer data from migration-supported versions of ACS 4.x to
an ACS 5.4 machine. The ACS 5.4 migration process requires, in some cases, administrative intervention
to manually resolve data before you import it to ACS 5.4.

This process is different from the process of upgrading from versions of ACS 3.x to ACS 4.x, where the
ACS 4.x system works the same way as ACS 3.x and no administrative intervention is required.

The migration utility in ACS 5.4 supports multiple-instance migration that migrates all ACS 4.x servers
in your deployment to ACS 5.4. For more information on multiple-instance migration, see

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/migration/
guide/migration_guide.html.

Upgrade refers to the process of transferring data from ACS 5.3 servers to ACS 5.4. For information on
the upgrade process, refer to

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/installation/
guide/csacs_upg.html.

This chapter contains the following sections:

•

Overview of the Migration Process, page 2-2

•

Before You Begin, page 2-3

•

Downloading Migration Files, page 2-3

•

Migrating from ACS 4.x to ACS 5.4, page 2-3