Chapter 2 Deploying Cisco Secure ACS
Basic Deployment Factors for Cisco Secure ACS
2-8
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Figure 2-3
Geographically Dispersed Network
Wireless Network
The wireless network access point is a relatively new client for AAA services.
The wireless access point (AP), such as the Cisco Aironet series, provides a
bridged connection for mobile end-user clients into the LAN. Authentication is
absolutely necessary due to the ease of access to the AP. Encryption is also
necessary because of the ease of eavesdropping on communications. As such,
security plays an even bigger role than in the dial-up scenario and is discussed in
more detail later in this section.
Scaling can be a serious issue in the wireless network. Like the “wired” LAN, the
mobility factor of the wireless LAN (WLAN) requires considerations similar to
those given to the dial-up network. Unlike the wired LAN, however, the WLAN
can be more readily expanded. Though WLAN technology does have physical
limits as to the number of users that can be connected via an AP, the number of
APs can grow quickly. As with the dial-up network, you can structure your
WLAN to allow full access for all users, or to provide restricted access to different
subnets between sites, buildings, floors, or rooms. This brings up a unique issue
with the WLAN: the ability of a user to “roam” between APs.
Cisco Secure
Access Control
Server
Cisco Secure
Access Control
Server
Cisco Secure
Access Control
Server
63488