The CiscoSecure Access Control Server (ACS) is specialized security software that runs on Windows NT/2000 and Unix. The software simplifies and centralizes control for all user authentication, authorization, and accounting. Cisco ACS employs a web-based graphical interface, and can distribute the AAA information to hundreds or even thousands of access points in a network.
The CiscoSecure ACS software uses either the TACACS+ or the RADIUS protocol to provide this network security and tracking.
Each of your network devices can be configured to communicate with an ACS. Service providers can use ACS to centralize control of dial-up access. With a CiscoSecure ACS, system administrators may use a variety of authentication methods that are aligned with a varying degree of authorization privileges. Centralizing control of network access simplifies access management and helps establish consistent provisioning and security policies.
CiscoSecure ACS also acts as a central repository for accounting information. Each user session that is granted by the ACS can be fully accounted for and stored in the server. This accounting information can be used for billing, capacity planning, and security audits.
1: Run Linux this is free
2: Get an old copy of Easy ACS from Cisco version 1.0 THis runs under Windows NT4.0 and is free to cheap off Ebay
3: There are several shareware TACACS+ /Radius servers on the net. Some are old and not supported anymore but still work well enough if you are willing to spend a bit of time
4: I have a version that is free but runs under Windows 3.1 ( remember that?) The trick is to use Virtual PC on a Win2K box and run DOS/Win3.1 as a virtual session. Works great.
The Linux TACACS servers can hook to MySQL for a full blown AAA and/or RADIUS authentication/tracking/auditing.
Why am I pushing the Linux? because it's so much cheaper then Cisco's ACS solution. If you have deep pockets, thats fine but for lab work, small networks or even big networks but with limited AAA needs, the Linux implementation can work out very nicely. Some folks would rather have the Cisco name behind them and thats fine also.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.