Cisco Cisco Aironet 350 Wireless Bridge 데이터 시트
Data Sheet
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 4
and extends security authentication, authorization, and accounting (AAA) from the perimeter of the
network to every connection point inside the LAN. New policy controls (such as per-user quotas,
VLAN assignments, and access-control lists [ACLs]) can be deployed within this new architecture,
because of the extended capabilities of Cisco switches and wireless access points to query Cisco
Secure ACS over the RADIUS protocol.
Cisco Secure ACS is also an important component of
Cisco Network Admission Control (NAC)
.
Cisco NAC is an industry initiative sponsored by Cisco that uses the network infrastructure to
enforce security-policy compliance on all devices seeking to access network computing resources,
thereby limiting damage from viruses and worms. With NAC, customers can choose to allow
network access only to compliant and trusted endpoint devices (for instance, PCs, servers, and
personal digital assistants) and can restrict the access of noncompliant devices. Cisco NAC is part
of the Cisco Self-Defending Network initiative and is the foundation for enabling network admission
control on Layer 2 and Layer 3 networks. Future phases extend endpoint and network security
interoperation to include dynamic incident-containment capabilities. This innovation enables
compliant system elements to report misuse emanating from rogue or infected systems during an
attack. Thus, infected systems can be dynamically quarantined from the rest of the network to
significantly reduce virus, worm, and blended threat propagation.
Cisco Secure ACS is a powerful access control server with many high-performance and scalability
features for any organization growing its WAN or LAN. Table 1 lists the main benefits of Cisco
Secure ACS.
Table 1.
Main Cisco Secure ACS Benefits
Benefit
Description
Ease of Use
A Web-based user interface simplifies and distributes configuration for user profiles, group profiles,
and Cisco Secure ACS configuration.
and Cisco Secure ACS configuration.
Scalability
Cisco Secure ACS is built to support large networked environments with support for redundant
servers, remote databases, and database replication and backup services.
servers, remote databases, and database replication and backup services.
Extensibility
Lightweight Directory Access Protocol (LDAP) authentication forwarding supports the authentication
of user profiles stored in directories from leading directory vendors, including Sun, Novell, and
Microsoft.
of user profiles stored in directories from leading directory vendors, including Sun, Novell, and
Microsoft.
Management
Windows Active Directory support consolidates Windows user name and password management
and uses the Windows Performance Monitor for real-time statistics viewing.
and uses the Windows Performance Monitor for real-time statistics viewing.
Administration
Different access levels for each Cisco Secure ACS administrator-and the ability to group network
devices-enable easier control and maximum flexibility to facilitate enforcement and changes of
security policy administration over all the devices in a network.
devices-enable easier control and maximum flexibility to facilitate enforcement and changes of
security policy administration over all the devices in a network.
Product Flexibility
Because Cisco IOS® Software has embedded support for AAA, Cisco Secure ACS can be used
across virtually any network access server that Cisco sells (the Cisco IOS Software release must
support RADIUS or TACACS+).
across virtually any network access server that Cisco sells (the Cisco IOS Software release must
support RADIUS or TACACS+).
Cisco Secure ACS is available in two options: Cisco Secure ACS Solution Engine, a rack-
mountable, security-hardened appliance and Cisco Secure ACS for Windows, a scalable and
feature-rich software that runs on Windows platform
mountable, security-hardened appliance and Cisco Secure ACS for Windows, a scalable and
feature-rich software that runs on Windows platform
Integration
Tight coupling with Cisco IOS routers and VPN solutions provides features such as Multichassis
Multilink Point-to-Point Protocol (PPP) and Cisco IOS Software command authorization.
Multilink Point-to-Point Protocol (PPP) and Cisco IOS Software command authorization.
Third-Party Support
Cisco Secure ACS offers token server support for any OTP vendor that provides an RFC-compliant
RADIUS interface (such as RSA, PassGo, Secure Computing, ActiveCard, Vasco, or CryptoCard).
RADIUS interface (such as RSA, PassGo, Secure Computing, ActiveCard, Vasco, or CryptoCard).
Control
Cisco Secure ACS provides dynamic quotas for time-of-day, network use, number of logged
sessions, and day-of-week access restrictions.
sessions, and day-of-week access restrictions.
Features and Benefits
Cisco Secure ACS 4.1 provides the following new features and benefits:
●
Regulatory compliance support—Cisco Secure ACS 4.1 addresses the increased concern
about compliance with the Sarbanes-Oxley Act. Release 4.1 supports compliance features