Cisco Secure Access Control Server Solution Engine



Similar documents
Cisco Conference Connection

Cisco IOS Public-Key Infrastructure: Deployment Benefits and Features

How To Get A New Phone System For Your Business

CISCO PIX SECURITY APPLIANCE LICENSING

Cisco CNS NetFlow Collection Engine Version 4.0

CISCO CONTENT SWITCHING MODULE SOFTWARE VERSION 4.1(1) FOR THE CISCO CATALYST 6500 SERIES SWITCH AND CISCO 7600 SERIES ROUTER

CISCO METRO ETHERNET SERVICES AND SUPPORT

Cisco CNS NetFlow Collection Engine Version 5.0

THE CISCO CRM COMMUNICATIONS CONNECTOR GIVES EMPLOYEES SECURE, RELIABLE, AND CONVENIENT ACCESS TO CUSTOMER INFORMATION

It looks like your regular telephone.

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

CISCO MDS 9000 FAMILY PERFORMANCE MANAGEMENT

Cisco IT Data Center and Operations Control Center Tour

CISCO NETWORK CONNECTIVITY CENTER

CISCO WIRELESS SECURITY SUITE

CISCO IOS SOFTWARE FEATURE PACKS FOR THE CISCO 1700 SERIES MODULAR ACCESS ROUTERS AND CISCO 1800 SERIES (MODULAR) INTEGRATED SERVICES ROUTERS

NetFlow Feature Acceleration

CISCO SMALL AND MEDIUM BUSINESS CLASS VOICE SOLUTIONS: CISCO CALLMANAGER EXPRESS BUNDLES

HIGH-DENSITY PACKET VOICE DIGITAL SIGNAL PROCESSOR MODULE FOR CISCO IP COMMUNICATIONS SOLUTION

CISCO IOS IP SERVICE LEVEL AGREEMENT

PUBLIC KEY INFRASTRUCTURE CERTIFICATE REVOCATION LIST VERSUS ONLINE CERTIFICATE STATUS PROTOCOL

NETWORK AVAILABILITY IMPROVEMENT SUPPORT OPERATIONAL RISK MANAGEMENT ANALYSIS

Cisco Router and Security Device Manager File Management

Cisco 2-Port OC-3/STM-1 Packet-over-SONET Port Adapter

THE BUSINESS CASE FOR MANAGED SERVICES IN SMALL AND MEDIUM-SIZED BUSINESSES

Cisco SMB Class Solutions Your Next Phone System Purchase

Cisco Blended Agent: Bringing Call Blending Capability to Your Enterprise

IS YOUR OLD PHONE SYSTEM HANGING UP YOUR DISTRICT? CISCO K 12 DIRECT LINE SOLUTION FOR IP COMMUNICATIONS

IP Networking and the Advantages of consolidation

Cisco IOS Telephony Services Survivable/Standby Remote Site Telephony

Cisco Systems GigaStack Gigabit Interface Converter

Cisco WebEx Social Compatibility Guide

E-Seminar. Financial Management Internet Business Solution Seminar

Figure 1. The Cisco Aironet Power Injectors Provide Inline Power to Cisco Aironet Access Points and Bridges

Cisco Aironet 1130AG Series

Serial Connectivity Network Modules for the 2600, 3600, and 3700 Series (NM-1HSSI, NM-4T, NM-4A/S, NM-8A/S, NM-16A/S, NM-16A, NM-32A)

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 3800 SERIES ROUTERS

CISCO SFP OPTICS FOR PACKET-OVER-SONET/SDH AND ATM APPLICATIONS

CISCO AIRONET POWER INJECTOR

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

Cisco 7200 and 7500 Series Routers

Cisco IOS Firewall Intrusion Detection System

CISCO CATALYST 3750 SERIES SWITCHES

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 2800 SERIES ROUTERS

CISCO CATALYST 6500 SERIES CONTENT SWITCHING MODULE

Cisco Outbound Option

CISCO MEETINGPLACE MANAGED SERVICE

PREVENTING WORM AND VIRUS OUTBREAKS WITH CISCO SELF-DEFENDING NETWORKS

Cisco PBX Interoperability: Lucent/Avaya Definity G3si V7 PBX with CallManager using Analog FXS and FXO Interfaces as an MGCP Gateway

Cisco GLBP Load Balancing Options

Combined voice and data solution supports Orange s ongoing success in the UK business market

Internal IT Staff at a Serbian Children s Hospital Takes Innovative Approach to Outpatient Care

CISCO ATA 186 ANALOG TELEPHONE ADAPTOR

CISCO IP PHONE EXPANSION MODULE 7914

How To Connect A Cisco Aironet 350 Series Wireless Bridge To A Network With A Wireless Bridge

Cisco 2600XM DSL Router Bundles

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

CISCO MEETINGPLACE FOR OUTLOOK 5.3

E-Seminar. E-Commerce Internet Business Solution Seminar

How To Outtask Metro Ether To A Managed Service Provider

Cisco Router and Security Device Manager Dial-Backup Solution

Cisco 7200 Series Enterprise WAN Aggregation Application

Cisco Intelligent Contact Management Enterprise Edition

CISCO NETWORK CONNECTIVITY CENTER MPLS MANAGER 1.0

Cisco Solution Incentive Program Asia Pacific

CISCO CATALYST 6500 SUPERVISOR ENGINE 32

The Palace of Versailles Goes Digital, Increasing Revenue and Enhancing Overall Visitor Experience

IP Communications for Small Offices Using Cisco CallManager Express and Cisco Unity Express

CISCO ATA 188 ANALOG TELEPHONE ADAPTOR

Cisco Catalyst 6500 Series/Cisco 7600 Series Supervisor Engine 720-3BXL

Cisco AVVID Network Enterprise Data Center Solution Overview

Cisco IT Data Center and Operations Control Center Tour

Enabling High Availability for Voice Services in Cable Networks

Cisco Secure Policy Manager Version 3.1

networks (VPNs). models, the Cisco 800 series of routers addresses wide range Figure 1 Cisco 800 Series Routers give Small Offices and Corporate

Cisco PIX Device Manager v3.0

CISCO 10GBASE X2 MODULES

SOUTH BAY BMW ACHIEVES UNMATCHED AVAILABILITY AND SECURITY WITH ITS CISCO NETWORK

What is network convergence all about?

Cisco CSS Series Content Services Switch

Cisco Systems Brings World-Class Online Banking Solutions to State Bank of India

CISCO CALLMANAGER EXPRESS 3.2

Cisco Unified IP Conference Station 7936

CONNECT TO COMPREHENSIVE NETWORK SECURITY SOLUTIONS WITH THE CISCO IP NETWORK DEFENDER PROGRAM.

World Consumer Income and Expenditure Patterns

City Government Improves Caller Service and Cultivates Economic Vitality

Enterprise Reporting

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

Cisco Business Communications Solution. Brochure

CISCO SMARTNET SUPPORT AND CISCO SMARTNET ONSITE

Configuring DHCP for ShoreTel IP Phones

SERIAL AND ASYNCHRONOUS HIGH-SPEED WAN INTERFACE CARDS FOR CISCO 1800, 2800, AND 3800 SERIES INTEGRATED SERVICES ROUTERS

CISCO WAN MANAGER 15 DATA SHEET

CISCO 100BASE-X SFP FOR FAST ETHERNET SFP PORTS

Optical Service Modules: OC-3/STM-1, OC-12/STM-4 and OC-48/STM-16 POS, OC-12/STM-4 ATM, Gigabit Ethernet WAN, Channelized T3 (CT3) and OC12/STM-4

DATA SHEET. GigaStack GBIC THE CISCO SYSTEMS GIGASTACK GIGABIT INTERFACE CONVERTER (GBIC) IS A VERSATILE, LOW-COST,

Transcription:

Data Sheet Cisco Secure Access Control Server Solution Engine The Cisco Secure Access Control Server (ACS) provides a comprehensive identity networking solution and secure user experience for Cisco intelligent information networks. It is the integration and control layer among all enterprise users, administrators, and the resources of the network infrastructure. The Cisco Secure ACS Solution Engine adds new security improvements, simplified management, and reduced total cost of ownership (TCO) for the operation of the underlying ACS service. Introduction The Cisco Secure ACS Solution Engine is a high-performance and highly scalable user and administrative access control solution that operates as a centralized RADIUS or TACACS+ server system for the Cisco 1111 platform. Packaged in a dedicated and secure 1-rack-unit (1-RU) hardened appliance, the Cisco Secure ACS Solution Engine provides a reduced-configuration, plug and play solution, and highly reliable platform with the unique ability to protect existing networking infrastructure through fully Web-based remote-access and configuration capabilities. The need for security appliances is rapidly increasing in today s IT space. Security, convenience, and ease of installation and troubleshooting are the important advantages of security appliances compared to the many software-based security applications that exist in the marketplace today. The innovative, new, 1-RU, security-hardened Cisco Secure ACS Solution Engine was designed to specifically alleviate the security issue with a closed-device design that makes it substantially more difficult for intruders to penetrate than an open-platform system. Security appliances provide an all-in-one approach that simplifies product selection, product integration, and ongoing support. By combining all necessary operating system installation and patching with the ACS software service, customers can avoid maintaining software versioning and proliferation of servers, patches, and operating system (OS) maintenance issues. This is particularly important in large networking environments where security solutions are required in remote sites with no IT professionals present to regularly manage and upgrade these solutions. In addition, a security appliance greatly simplifies support and troubleshooting in failure modes, hence enabling quick service restoration (through a one-stop support contact) an important consideration, especially when the security application is mission-critical, a situation that is true with security authentication, authorization, and accounting (AAA) applications. Changing network dynamics and increased security threats have influenced new opportunities in access control management solutions. As AAA becomes more relevant and the requirement to All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 1 of 5

control user access expands beyond just dialup, new trends (including expanded authentication, tracking, and audit management) are emerging that require identity-networking solutions to be pervasive, scalable, and available throughout the network. Cisco Secure ACS extends access security by combining authentication, user or administrator access, and policy control from a centralized location, allowing for greater flexibility and mobility, increased security, and user productivity gains. As an accounting service, the Cisco Secure ACS Solution Engine reduces IT operations costs by providing detailed reporting and monitoring capabilities of network users behavior and by keeping a record of every access connection and device configuration change across the entire network. Cisco Secure ACS provides a centralized identity networking solution and simplified user-management experience across all Cisco devices and security-management applications. Cisco Secure ACS ensures enforcement of assigned policies by allowing network administrators to control: Who can log in to the network What privileges each user has in the network What accounting information is recorded in terms of security audits or account billing What access and command controls are enabled for each configuration administrator Like the Cisco Secure ACS for Windows, the Cisco Secure ACS Solution Engine supports a wide array of access connection types, including wired or wireless LAN, dialup, broadband, content, storage, voice over-ip (VoIP), firewall, and virtual private networks (VPNs). Cisco Secure ACS Solution Engine Highlights The Cisco Secure ACS Solution Engine is a highly secure, OS-independent, and dedicated platform that offers a highly manageable access control solution with an increasingly reduced setup and troubleshooting time. The Cisco Secure ACS Solution Engine provides Plug and Play deployment, a highly reliable AAA solution, and increased TCO protection through the high availability and simplified day-to-day operation and management of the Cisco Secure ACS service. It provides the same features and functions as the Cisco Secure ACS for Windows, in a dedicated, security-hardened, application-specific appliance package. Customers with existing Windows-based Cisco Secure ACS deployments can add or upgrade to Cisco Secure ACS Solution Engines without any effect on existing AAA configurations, including remote logging and replication configurations. More information about the latest Cisco Secure ACS features is available from the Cisco Secure ACS for Windows data sheet. To ensure the high-security posture of the Cisco Secure ACS Solution Engine, additional functions specific to operating and managing the Cisco Secure ACS Solution Engine are provided. Additionally, a Cisco Secure ACS remote agent is available with each Cisco Secure ACS Solution Engine to enable remote logging and Windows authentication. Forwarding all accounting data from the solution engine to a remote agent preserves disk space on the solution engine. It also improves AAA performance by eliminating the frequent and time-consuming disk writes required for local logging on the solution engine. Also, because a Cisco Secure ACS Solution Engine is never a member of a Microsoft Windows domain, the Cisco Secure ACS remote agent establishes the necessary Windows domain trust relationships for Windows-based authentication. Table 1 lists additional functions provided by the Cisco Secure ACS Solution Engine. These functions are not available from the Cisco Secure ACS for Windows software product. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 2 of 5

Table 1 Functions Provided by the Cisco Secure ACS Solution Engine Hardened underlying operating system Serial console interface Solution Engine-specific management tools Cisco Secure ACS remote agent Port-based packet filtering Network Timing Protocol (NTP) support The Cisco Secure ACS Solution Engine is dedicated to run only the Cisco Secure ACS service, thereby preventing any appliance-based OS changes, additions, or configuration modifications. A serial console interface is provided on the Cisco Secure ACS Solution Engine for initial configuration, subsequent management of IP connections, access to the Cisco Secure ACS HTML interface, and application of upgrade and recovery procedures. The serial console interface supports both serial line and Telnet connections through which the Cisco Secure ACS service can be reimaged, reloaded, and rebooted, both locally and remotely. Integrated into the existing Cisco Secure ACS HTML interface, Solution Engine-specific management tools provide generic appliance-management capabilities, including backup, recovery, software upgrades, monitoring, maintenance, and troubleshooting functions. The Cisco Secure ACS HTML interface is accessed though a secured Secure Sockets Layer (SSL)-based connection. The Cisco Secure ACS remote agent provides two functions: authentication against Windows domains and remote logging capabilities of user accounting records. Administrators can provision primary and backup Cisco Secure ACS remote agents in distributed Cisco Secure ACS configurations. The Cisco Secure ACS Solution Engine implements a packet-filtering service to block traffic on all but the necessary Cisco Secure ACS-specific TCP and UDP ports. The Cisco Secure ACS Solution Engine has built-in NTP functions to maintain network timing synchronization and consistency with other Cisco Secure ACS appliances or network devices. Cisco Secure ACS Solution Engine-Specific Benefits In addition to the many benefits the Cisco Secure ACS solution brings in controlling user and administrative AAA inside your network, the Cisco Secure ACS Solution Engine, with its 1-RU hardened form factor, adds specific security and operational advantages in the following areas: Security With a security-hardened service focused on running exclusively the Cisco Secure ACS service, the solution engine significantly increases the security posture of the Cisco Secure ACS system. All solution engine services and ports not used by the Cisco Secure ACS service are disabled to secure access to the Cisco Secure ACS Solution Engine. Plug and Play solution The Cisco Secure ACS Solution Engine provides a record service uptime before starting to configure the Cisco Secure ACS service. Manageability With a dedicated, exclusive, and complete Cisco Secure ACS solution, the appliance greatly simplifies manageability and support of the Cisco Secure ACS service while removing the necessity to manage any UNIX or Windows network operating systems. Supportability With no external services or applications (other than the Cisco Secure ACS service) allowed to be installed on the solution engine, the support and the day-to-day management of the Cisco Secure ACS Solution Engine are greatly simplified. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 3 of 5

Reliability Enabling only the services that are required by Cisco Secure ACS allows an increase in overall reliability and security of the Cisco Secure ACS service. TCO With a turnkey security-hardened solution engine that is easily deployed, Cisco is able to guarantee full support, maintenance, and serviceability of the overall Cisco Secure ACS system not just the Cisco Secure ACS software running on various hardware configurations, supported by third-party vendors. Migration from Cisco Secure ACS UNIX The Cisco Secure ACS Solution Engine provides a suitable alternative for Cisco Secure ACS UNIX customers not willing to install or manage Cisco Secure ACS on the Windows OS. System Requirements Hardware Requirements The Cisco Secure ACS Solution Engine is available on Cisco 1111 platforms with the following specifications: Pentium IV processor, 2.66 GHz 1 GB RAM 40 GB free disk space Two built-in 10/100 Ethernet controllers 1 floppy disk drive 1 CD-ROM drive The Cisco Secure ACS remote agent is available in a Windows version that can be installed on a Windows 2000 Server (Windows Domain Controller or Member Server supported). The computer running Cisco Secure ACS remote agent for Windows must meet the following minimum hardware requirements: Pentium III processor, 550 MHz or faster 256 MB RAM 250 MB free disk space Ordering Information The Cisco Secure ACS Solution Engine is available for purchase through normal Cisco sales and distribution channels worldwide. The Cisco Secure ACS Solution Engine is shipped with a preinstalled Cisco Secure ACS Software license. For More Information For more information about Cisco Secure ACS, visit: http:///go/acs. For specific product functions or technical questions, send e-mail to the Cisco Secure ACS product marketing group at ACS-MKT@cisco.com. For questions about product ordering, availability, and support contract information, send e-mail to the product marketing group at ciscoworks@cisco.com. All contents are Copyright 1992 2003 All rights reserved. Important Notices and Privacy Statement. Page 4 of 5

Corporate Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA Tel: 408 526-7660 Fax: 408 527-0883 Asia Pacific Headquarters Capital Tower 168 Robinson Road #22-01 to #29-01 Singapore 068912 Tel: +65 6317 7777 Fax: +65 6317 7799 Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at /go/offices Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe All contents are Copyright 1992 2003 All rights reserved. Cisco, Cisco Systems, the Cisco Systems logo, Aironet, Catalyst, and Cisco IOS are registered trademarks or trademarks of and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0303R) 203051/ETMG_04/03

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information