Chapter 8 Establishing Cisco Secure ACS System Configuration
CiscoSecure Database Replication
8-18
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
The Replication Components table on the CiscoSecure Database Replication page
presents the options that control which components are replicated; these options
are as follows:
•
User and group database—Replicate information for groups and users.
•
Network Configuration Device tables—Replicate the AAA Servers tables
and the AAA Clients tables in the Network Configuration section. This also
controls whether network device groups are replicated.
•
Distribution table—Replicate the Proxy Distribution Table in the Network
Configuration section.
•
Interface configuration—Replicate Advanced Options settings, RADIUS
settings, and settings from the Interface Configuration section.
•
Interface security settings—Replicate administrators and security
information for the Cisco Secure ACS HTML interface.
•
Password validation settings—Replicate password validation settings.
If mirroring the entire database with a secondary Cisco Secure ACS might send
confidential information, such as the Proxy Distribution Table, you can configure
the primary Cisco Secure ACS to send only a specific category of database
information.
Outbound Replication Options
In the Outbound Replication table on the CiscoSecure Database Replication page,
you can schedule outbound replication and you can specify the secondary
Cisco Secure ACSes for this primary Cisco Secure ACS.
•
Scheduling Options—You can specify when CiscoSecure database
replication occurs. The options that control when replication occurs appear in
the Scheduling section of Outbound Replication table and are as follows:
–
Manually—Cisco Secure ACS does not perform automatic database
replication.
–
Automatically Triggered Cascade—Cisco Secure ACS performs
database replication to the configured list of secondary
Cisco Secure ACSes when database replication from a primary
Cisco Secure ACS completes. This enables you to build a propagation
hierarchy of Cisco Secure ACS, relieving a primary Cisco Secure ACS