Cisco Systems 3.3 Manual De Usuario
2-21
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 2 Deployment Considerations
Suggested Deployment Sequence
Along with the decision to implement an external user database (or
databases), you should have detailed plans that specify your requirements for
Cisco Secure ACS database replication, backup, and synchronization. These
aspects of configuring CiscoSecure user database management are detailed in
databases), you should have detailed plans that specify your requirements for
Cisco Secure ACS database replication, backup, and synchronization. These
aspects of configuring CiscoSecure user database management are detailed in
.
•
Configure Shared Profile Components—With most aspects of network
configuration already established and before configuring user groups, you
should configure your Shared Profile Components. When you set up and
name the network access restrictions and command authorization sets you
intend to employ, you lay out an efficient basis for specifying user group and
single user access privileges. For more information about Shared Profile
Components, see
configuration already established and before configuring user groups, you
should configure your Shared Profile Components. When you set up and
name the network access restrictions and command authorization sets you
intend to employ, you lay out an efficient basis for specifying user group and
single user access privileges. For more information about Shared Profile
Components, see
•
Configure Groups—Having previously configured any external user
databases you intend to employ, and before configuring your user groups, you
should decide how to implement two other Cisco Secure ACS features related
to external user databases: unknown user processing and database group
mapping. For more information, see
databases you intend to employ, and before configuring your user groups, you
should decide how to implement two other Cisco Secure ACS features related
to external user databases: unknown user processing and database group
mapping. For more information, see
and
. Then,
you can configure your user groups with a complete plan of how Cisco Secure
ACS is to implement authorization and authentication. For more information,
see
ACS is to implement authorization and authentication. For more information,
see
.
•
Configure Users—With groups established, you can establish user accounts.
Remember that a particular user can belong to only one user group, and that
settings made at the user level override settings made at the group level. For
more information, see
Remember that a particular user can belong to only one user group, and that
settings made at the user level override settings made at the group level. For
more information, see
•
Configure Reports—Using the Reports and Activities section of the
Cisco Secure ACS HTML interface, you can specify the nature and scope of
logging that Cisco Secure ACS performs. For more information, see
Cisco Secure ACS HTML interface, you can specify the nature and scope of
logging that Cisco Secure ACS performs. For more information, see
.