Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
AAA / TACACS+ on Windows platform ?
- Thread starter cpace
- Start date
The CiscoSecure Access Control Server (ACS) is specialized security software that runs on Windows NT/2000 and Unix. The software simplifies and centralizes control for all user authentication, authorization, and accounting. Cisco ACS employs a web-based graphical interface, and can distribute the AAA information to hundreds or even thousands of access points in a network.
The CiscoSecure ACS software uses either the TACACS+ or the RADIUS protocol to provide this network security and tracking.
Each of your network devices can be configured to communicate with an ACS. Service providers can use ACS to centralize control of dial-up access. With a CiscoSecure ACS, system administrators may use a variety of authentication methods that are aligned with a varying degree of authorization privileges. Centralizing control of network access simplifies access management and helps establish consistent provisioning and security policies.
CiscoSecure ACS also acts as a central repository for accounting information. Each user session that is granted by the ACS can be fully accounted for and stored in the server. This accounting information can be used for billing, capacity planning, and security audits.
The CiscoSecure ACS software uses either the TACACS+ or the RADIUS protocol to provide this network security and tracking.
Each of your network devices can be configured to communicate with an ACS. Service providers can use ACS to centralize control of dial-up access. With a CiscoSecure ACS, system administrators may use a variety of authentication methods that are aligned with a varying degree of authorization privileges. Centralizing control of network access simplifies access management and helps establish consistent provisioning and security policies.
CiscoSecure ACS also acts as a central repository for accounting information. Each user session that is granted by the ACS can be fully accounted for and stored in the server. This accounting information can be used for billing, capacity planning, and security audits.
Yes..
A couple of ways this can be done.
1: Run Linux
this is free
2: Get an old copy of Easy ACS from Cisco version 1.0 THis runs under Windows NT4.0 and is free to cheap off Ebay
3: There are several shareware TACACS+ /Radius servers on the net. Some are old and not supported anymore but still work well enough if you are willing to spend a bit of time
4: I have a version that is free but runs under Windows 3.1 ( remember that?) The trick is to use Virtual PC on a Win2K box and run DOS/Win3.1 as a virtual session. Works great.
The Linux TACACS servers can hook to MySQL for a full blown AAA and/or RADIUS authentication/tracking/auditing.
Why am I pushing the Linux? because it's so much cheaper then Cisco's ACS solution. If you have deep pockets, thats fine but for lab work, small networks or even big networks but with limited AAA needs, the Linux implementation can work out very nicely. Some folks would rather have the Cisco name behind them and thats fine also.
I have some more info at
MikeS
Find me at
"The trouble with giving up civil rights is that you never get them back"
A couple of ways this can be done.
1: Run Linux
this is free2: Get an old copy of Easy ACS from Cisco version 1.0 THis runs under Windows NT4.0 and is free to cheap off Ebay
3: There are several shareware TACACS+ /Radius servers on the net. Some are old and not supported anymore but still work well enough if you are willing to spend a bit of time
4: I have a version that is free but runs under Windows 3.1 ( remember that?) The trick is to use Virtual PC on a Win2K box and run DOS/Win3.1 as a virtual session. Works great.
The Linux TACACS servers can hook to MySQL for a full blown AAA and/or RADIUS authentication/tracking/auditing.
Why am I pushing the Linux? because it's so much cheaper then Cisco's ACS solution. If you have deep pockets, thats fine but for lab work, small networks or even big networks but with limited AAA needs, the Linux implementation can work out very nicely. Some folks would rather have the Cisco name behind them and thats fine also.
I have some more info at
MikeS
Find me at
"The trouble with giving up civil rights is that you never get them back"
I' still waiting my for my Wassabi Pop Tarts.. Find me at
"The trouble with giving up civil rights is that you never get them back"
"The trouble with giving up civil rights is that you never get them back"
- Status
Similar threads
- Locked
- Question