|
|
To support the growing population of network devices that directly or indirectly control how users connect to the public Internet and the corporate intranet, Cisco introduces CiscoSecure ACS v2.3 for UNIX. CiscoSecure ACS v2.3 for UNIX is an Access Control Server for Solaris that controls the authentication, authorization, and accounting of users accessing the Internet or intranet. Primary applications for the CiscoSecure Access Control Server include securing dial-up access servers and firewalls for network access and securing the management of routers and switches within a network. Both applications have unique authentication and authorization requirements. With CiscoSecure Access Control Server, system administrators can select a variety of authentication methods that each provide a set of authorization privileges. Completing the access control functionality, the CiscoSecure Access Control Server serves as a central repository for accounting information. Each session that is established can be fully accounted for and stored on the server. This accounting information can be used for security audits, capacity planning, or bill-back network usage. CiscoSecure ACS is a powerful access control server with many Service Provider and Enterprise features: Simultaneous TACACS+ and RADIUS support for a flexible solution HTML/JAVA GUI for a ubiquitous interface that simplifies and speeds up configuration for user and group profiles. SSL is also available to secure server configuration. Administration of users using groups for maximum flexibility and to facilitate enforcement and changes of security policies Group Administration Token Caching Local and Remote Domain declaration VPDN support at the origination and termination of VPDN (L2F) tunnels Import mechanism to rapidly import a large number of users Relational Database support using Oracle, Sybase, or the included SQL Anywhere Password support that includes Cleartext, DES encrypted, Bellcore S/Key, UNIX /etc/passwd file, Challenge Handshake Authentication Protocol (CHAP), Password Authentication Protocol (PAP), and AppleTalk Remote Access (ARA) Token Server support for CryptoCard, Secure Computing, and Security Dynamics Time-of-day and day-of-week access restrictions User restrictions based on NAS name, Port Name, or Remote Address including CLID Disabling of an account on a specific date Disabling of an account after N failed attempts to prevent brute force attacks Accounting information stored in the Relational Database Using CiscoSecure Access Control Server, a network administrator can control the following: Who can log in to the network What privileges each user has in the network What accounting information is recorded in terms of security audits or account billing CiscoSecure Access Control Server v2.3 for UNIX (Solaris)
Product Overview
Key Features and Benefits
Specifications
|
Description |
Specification |
|---|---|
|
Hardware |
Sun SPARCstation 20 CD-ROM drive 128 MB of RAM 256 MB of disk swap space 500 MB of disk space |
|
Software |
Solaris V2.51 or V2.6 IOS v11.1 (TACACS+) IOS v11.2 (RADIUS) Oracle v7.33 Sybase v11.1 |
The following table lists the CiscoSecure Access Control Server product numbers. Note that each copy of CiscoSecure is licensed to be installed on a single Sun Workstation. A backup copy can also be used, but this backup copy can only be used to Authenticate, Authorize, or Account when the primary CiscoSecure is not active. There are no license restrictions on number of users or ports.
Product and Part Numbers Table 19-8: Part Numbers for the CiscoSecure Access Control Server| Part Description | Part Number |
|---|---|
| CiscoSecure Access Control Server Version 2.3 for UNIX (Solaris) | CSU-2.3 |
| CiscoSecure Access Control Server Version 1.x/2.x to Version 2.3 upgrade | CSU-2.3-UG |
| CiscoSecure software application support for UNIX | CON-SAS-CSU |
| CiscoSecure software application support plus upgrades for UNIX | CON-SAU-CSU |