2-19
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Chapter 2 Deploying Cisco Secure ACS
Suggested Deployment Sequence
For more information about setting up administrators, see
Chapter 10,
“Setting Up and Managing Administrators and Policy.”
•
Configure the Cisco Secure ACS HTML Interface—You can configure
the Cisco Secure ACS HTML interface to show only those features and
controls that you intend to use. This makes using Cisco Secure ACS less
difficult than it would be if you had to contend with multiple parts of the
HTML interface that you do not plan to use. The price of this convenience
can sometimes be frustration that features and controls do not appear because
you failed to configure them in the Interface Configuration section. For
guidance on configuring the HTML interface, see
Interface Design Concepts,
page 3-2
.
For information about configuring particular aspects of the HTML interface,
see the following sections of the interface configuration chapter:
–
User Data Configuration Options, page 3-3
–
Advanced Options, page 3-4
–
Protocol Configuration Options for , page 3-7
–
Protocol Configuration Options for RADIUS, page 3-10
•
Configure System—There are more than a dozen functions within the
System Configuration section to be considered, from setting the format for
the display of dates and password validation to configuring settings for
database replication and RDBMS synchronization. These functions are
detailed in
Chapter 8, “Establishing Cisco Secure ACS System
Configuration.”
Of particular note during initial system configuration is
setting up the logs and reports to be generated by Cisco Secure ACS; for
more information, see
Chapter 9, “Working with Logging and Reports.”
•
Configure Network—You control distributed and proxied AAA functions in
the Network Configuration section of the HTML interface. From here, you
establish the identity, location, and grouping of AAA clients and servers, and
determine what authentication protocols each is to use. For more information,
see
Chapter 4, “Setting Up and Managing Network Configuration.”
•
Configure External User Database—During this phase of deployment you
must decide whether and how you intend to implement an external database
to establish and maintain user authentication accounts. Typically, this
decision is made according to your existing network administration