Cisco Systems 3.3 Manual De Usuario
4-3
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 4 Network Configuration
About Distributed Systems
•
CiscoSecure database replication
•
Remote and centralized logging
AAA Servers in Distributed Systems
“AAA server” is the generic term for an access control server (ACS), and the two
terms are often used interchangeably. AAA servers are used to determine who can
access the network and what services are authorized for each user. The
AAA server stores a profile containing authentication and authorization
information for each user. Authentication information validates user identity, and
authorization information determines what network services a user is permitted to
use. A single AAA server can provide concurrent AAA services to many dial-up
access servers, routers, and firewalls. Each network device can be configured to
communicate with a AAA server. This makes it possible to centrally control
dial-up access, and to secure network devices from unauthorized access.
terms are often used interchangeably. AAA servers are used to determine who can
access the network and what services are authorized for each user. The
AAA server stores a profile containing authentication and authorization
information for each user. Authentication information validates user identity, and
authorization information determines what network services a user is permitted to
use. A single AAA server can provide concurrent AAA services to many dial-up
access servers, routers, and firewalls. Each network device can be configured to
communicate with a AAA server. This makes it possible to centrally control
dial-up access, and to secure network devices from unauthorized access.
These types of access control have unique authentication and authorization
requirements. With Cisco Secure ACS, system administrators can use a variety of
authentication methods that are used with different degrees of authorization
privileges.
requirements. With Cisco Secure ACS, system administrators can use a variety of
authentication methods that are used with different degrees of authorization
privileges.
Completing the AAA functionality, Cisco Secure ACS serves as a central
repository for accounting information. Each user session granted by Cisco Secure
ACS can be fully accounted for, and its accounting information can be stored in
the server. This accounting information can be used for billing, capacity planning,
and security audits.
repository for accounting information. Each user session granted by Cisco Secure
ACS can be fully accounted for, and its accounting information can be stored in
the server. This accounting information can be used for billing, capacity planning,
and security audits.
Note
If the fields mentioned in this section do not appear in the Cisco Secure ACS
HTML interface, enable them by clicking Interface Configuration, clicking
Advanced Options, and then selecting the Distributed System Settings check
box.
HTML interface, enable them by clicking Interface Configuration, clicking
Advanced Options, and then selecting the Distributed System Settings check
box.
Default Distributed System Settings
You use both the AAA Servers table and the Proxy Distribution Table to establish
distributed system settings. The parameters configured within these tables create
the foundation to enable multiple Cisco Secure ACSes to be configured to work
distributed system settings. The parameters configured within these tables create
the foundation to enable multiple Cisco Secure ACSes to be configured to work