Cisco Cisco Access Registrar 5.0 Hoja De Datos
Cisco Internal Use Only
Copyright © 2001 Cisco Systems, Inc. All rights reserved.
Page 5 of 9
–
EAP Proxy
•
IETF RADIUS tunnel support (RFC 2867, RFC 2868)
•
Automatic and customizable Reply-Message generation
Accounting
•
Local file
–
Store accounting records in single file or multiple files
–
Automatic file rollover based on file age, size, or specific time
•
Proxy
–
Option to ignore acknowledgements and continue processing
•
Database
–
Write accounting records directly to an Oracle or MySQL database
–
Schema independent
–
Buffering option for higher throughput and fault tolerance
Proxy/Database/LDAP Configuration
•
Define a list of remote systems to be used in failover or round-robin modes
•
Accept All, Reject All, and Drop Packet outage policies available when no remote systems are available
•
Define the individual characteristics of each remote system; for example, ports, timeouts, retries, or reactivate timers
•
Sophisticated algorithms to detect status of remote systems
Request Processing Decisions
•
Process requests using different methods; for example, use LDAP for some access requests, the internal database for others
•
Process requests using a combination of these methods; store an accounting request to a local file and proxy it to a remote RADIUS server
•
Split authentication and authorization by selecting one method for authentication and another for authorization (One-Time Password [OTP]
server and Oracle database)
•
Decide which method to use based on attributes in the request or on Cisco Access Registrar’s “environment variables”, such as source or
destination IP address or UDP port
•
Easy method selection based on DNS domain, username prefix, dialed number, calling number, or network access server (NAS), using the
Cisco Access Registrar Policy Engine
Session/Identity Tracking and Caching
•
Built-in feature to track user sessions and allocate resources
•
Enforcement of session limits per user and per group
•
Allocation of addresses from IP pools
•
Allocation of home agents and on-demand address pools
•
Real-time query of the session table using the command-line interface (CLI) or XML over UDP
•
Add custom information to the session table
•
Configure which attributes to store in the session table
•
Manual release of sessions and resources
•
Query and release sessions based on session age, username, NAS, and other criteria
•
Release sessions and generate PoD