G-5
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Appendix G Cisco Secure ACS Internal Architecture
CSMon
Note
CSMon is not intended as a replacement for system, network, or application
management applications but is provided as an application-specific utility that can
be used with other, more generic system management tools.
CSMon performs four basic activities, outlined in the following topics:
•
Monitoring, page G-5
•
Recording, page G-6
•
Notification, page G-7
•
Response, page G-7
Monitoring
CSMon monitors the overall status of Cisco Secure ACS and the system on which
it is running. CSMon actively monitors three basic sets of system parameters:
•
Generic host system state—CSMon monitors the following key system
thresholds:
–
Available hard disk space
–
Processor utilization
–
Physical memory utilization
All events related to generic host system state are categorized as “warning
events”.
•
Application-specific performance—
–
Application viability—CSMon periodically performs a test login using
a special built-in test account (the default period is one minute).
Problems with this authentication can be used to determine if the service
has been compromised.
–
Application performance thresholds—CSMon monitors and records
the latency of each test authentication request (the time it takes to receive
a positive response). Each time this is performed, CSMon updates a
variable containing the average response time value. Additionally, it
records whether retries were necessary to achieve a successful response.
By tracking the average time for each test authentication, CSMon can