Cisco Secure ACS for Windows Architecture

Cisco Secure ACS is modular and flexible to fit the needs of both simple and large networks. Cisco Secure ACS for Windows operates as a set of Windows 2000 services and controls the AAA, for users accessing networks.

When you install Cisco Secure ACS on your server, the installation adds several Windows services. These services provide the core of the Cisco Secure ACS functionality and are as follows:

• CSAdmin Provides the HTML interface for administration of Cisco Secure ACS

• CSAuth Provides authentication and authorization services

• CSDBSync Provides synchronization of the Cisco Secure user database with an external RDBMS application

• CSLog Provides logging services, both for accounting and system activity

• CSMon Provides monitoring, recording, and notification of Cisco Secure ACS performance, and includes automatic response to some scenarios

• CSTacacs and CSRadius Provides communication between RADIUS or TACACS+ AAA clients and the CSAuth service

Figure 9-5 shows the cores services in the Cisco ACS for Windows.

CSAdmin provides the web server for the Cisco Secure ACS HTML interface. After installing Cisco Secure ACS, you must configure it from its HTML interface; therefore, CSAdmin must be running when you configure Cisco Secure ACS.

Cisco Secure ACS has a built-in web server for ACS administration. The web server uses port 2002 rather than the standard port 80 usually associated with HTTP traffic. CSAdmin is multithreaded, which enables several Cisco Secure ACS administrators to access it at the same time. Therefore, CSAdmin is well-suited for distributed, multiprocessor environments.

Figure 9-5. Core Services of Cisco ACS for Windows

[View full size image]

Figure 9-5. Core Services of Cisco ACS for Windows

[View full size image]

0 0

Post a comment