Белая книга для Cisco Cisco ASA 5540 Adaptive Security Appliance
Cisco and Public Sector Cyberdefense
5
Of course, the use of 802.1x or NAC presupposes the existence of a back-
end authentication, authorization, and accounting (AAA) server.
end authentication, authorization, and accounting (AAA) server.
The Cisco
Secure Access Control Server (ACS) can serve as an integral part of this
overall system.
overall system.
ACS is a scalable, high-performance RADIUS and TACACS+
security server. As the centralized control point for managing network users,
network administrators, and network infrastructure resources, ACS provides
a comprehensive identity-based network-access control solution for Cisco
information networks.
network administrators, and network infrastructure resources, ACS provides
a comprehensive identity-based network-access control solution for Cisco
information networks.
ACS extends network-access security by combining AAA with policy control
from a centralized identity-based networking framework. This combination gives
networks greater flexibility, mobility, and security, resulting in user-productivity
gains. ACS supports a broad variety of Cisco and other network-access devices,
including:
from a centralized identity-based networking framework. This combination gives
networks greater flexibility, mobility, and security, resulting in user-productivity
gains. ACS supports a broad variety of Cisco and other network-access devices,
including:
• Wired and wireless LAN switches and access points
• Edge and core routers
• Dialup and broadband terminators
• Content and storage devices
• Voice over IP (VoIP)
• Firewalls
• Virtual private networks (VPNs)
Making sure that the user’s identity is verified prior to network access is an
important component of the trust and identity system. This helps address the
category of prevention.
important component of the trust and identity system. This helps address the
category of prevention.
Continue
Previous