Chapter 1 Overview of Cisco Secure ACS
Cisco Secure ACS Specifications
1-4
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
If your network has several thousand AAA clients, we recommend using
multiple Cisco Secure ACSes and assigning no more than 5000 AAA clients
to each Cisco Secure ACS. For example, if you have 20,000 AAA clients, you
could use four Cisco Secure ACSes and divide the AAA client load among
them so that no single Cisco Secure ACS manages more than 5000 AAA
client configurations. If you use replication to propagate configuration data
among Cisco Secure ACSes, limit replication of AAA client data to
Cisco Secure ACSes that serve the same set of AAA clients.
Cisco Secure ACS Windows Services
Cisco Secure ACS operates as a set of Windows 2000 services and controls the
authentication, authorization, and accounting of users accessing networks.
When you install Cisco Secure ACS on your server, the installation adds several
Windows services. The services provide the core of Cisco Secure ACS
functionality. For a full discussion of each service, see
Appendix G,
“Cisco Secure ACS Internal Architecture.”
The Cisco Secure ACS services on
your Cisco Secure ACS server include the following:
•
CSAdmin—Provides the HTML interface for administration of
Cisco Secure ACS.
•
CSAuth—Provides authentication services.
•
CSDBSync—Provides synchronization of the CiscoSecure user database
with an external RDBMS application.
•
CSLog—Provides logging services, both for accounting and system activity.
•
CSMon—Provides monitoring, recording, and notification of
Cisco Secure ACS performance, and includes automatic response to some
scenarios.
•
CSTacacs—Provides communication between AAA clients and
the CSAuth service.
•
CSRadius—Provides communication between RADIUS AAA clients and
the CSAuth service.
Each module can be started and stopped individually from within the Microsoft
Service Control Panel or as a group from within the Cisco Secure ACS HTML
interface. For information about stopping and starting Cisco Secure ACS
services, see
Service Control, page 8-2
.