Book description
Hands-on techniques for enabling authentication, authorization, and accounting
- Understand the security concepts behind the AAA framework
- Learn message formats, communication, and message encryption using the TACACS+ and RADIUS protocols
- Configure and troubleshoot AAA on Cisco routers
- Understand where to position and install the CSACS in your network
- Explore and customize the CSACS interface
- Configure CSACS user accounts, user groups, and shared profile components
- Add AAA clients and manage network connections
- Configure external databases and perform database replication and backup
- Explore the various reports and logs available in CSACS
- Learn how AAA models apply to service provider environments
- Install and configure Cisco Access Registrar
As network infrastructures evolve, it is increasingly important that access to vital corporate resources is vigilantly monitored and controlled. The Cisco identity management solutions, including Cisco Secure Access Control Server (CSACS), address this requirement, enabling security, control, and administration of the growing population of users that connect to corporate networks. CSACS, an essential component of the Cisco Identity Based Networking Services (IBNS) architecture, extends access security by combining authentication, user and administrator access, and policy control from a centralized identity-networking framework. This allows greater flexibility and mobility, increased security, and user productivity gains.
Cisco Access Control Security provides you with the skills needed to configure authentication, authorization, and accounting (AAA) services on Cisco devices. Separated into three parts, this book presents hard-to-find configuration details of centralized identity networking solutions. Part I provides an overview of the AAA architecture, complete with discussions of configuring Cisco routers for AAA. Part II addresses enterprise AAA management with CSACS, including installation, configuration, and management details. Part III looks at service provider AAA management with Cisco Access Registrar.
Full of detailed overviews, diagrams, and step-by-step instructions for enabling essential access control solutions, Cisco Access Control Security is a practical tool that can help enforce assigned access policies and simplify user management.
"This book manages the rare combination of being highly accurate and technically astute, while maintaining an easy readability and flow. It is a great guide for system administrators looking to design or manage a reliable, scalable, and secure Access Control deployment for any size organization."
-Jeremy Steiglitz, ACS Group Product Manager, Cisco Systems
This book is part of the Networking Technology Series from Cisco Press, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.
Table of contents
- Copyright
- About the Author
- Acknowledgments
- Icons Used in This Book
- Introduction
- I. AAA Overview
- II. Enterprise AAA and Cisco Secure Access Control Server
  - 4. Enterprise Authentication Servers
    - Cisco Secure Access Control Server Software and Versions
    - Cisco Secure ACS for Windows Server Version 2.0
    - Cisco Secure ACS for Windows Server Version 2.1
    - Cisco Secure ACS for Windows Server Version 2.3
    - Cisco Secure ACS for Windows Server Version 2.4 and 2.5
    - Cisco Secure ACS for Windows Server Version 2.6
    - Cisco Secure ACS for Windows Server Version 3.0
    - Cisco Secure ACS for Windows Server Version 3.1
    - Cisco Secure ACS for Windows Server Version 3.2
    - Cisco Secure Solution Engine
    - Summary
  - 5. Deploying Cisco Secure Access Control Server for Windows Server
  - 6. Getting Familiar with CSACS
  - 7. Configuring User Accounts
  - 8. Configuring User Groups
  - 9. Managing Network Configurations
  - 10. Configuring Shared Profile Components
    - Downloadable ACLs
    - Network Access Restrictions
    - Configuring Network Access Restrictions
    - Command Authorization Sets
    - Working with Command Authorization Sets
    - PIX Command Authorization Sets Versus Shell Command Authorization Sets
    - Configuration Considerations for Command Authorization Sets
    - Router Preparation for Command Authorization
    - PIX Firewall Preparation for Command Authorization
    - Configuring Shared Profile Components for Command Authorization
    - Deleting Command Authorization Sets
    - Editing Shell Command Authorization Sets
    - Configuring the Group Profile
    - Configuring the User Profile
    - Testing Command Authorization
    - Troubleshooting Extended Configurations
    - Troubleshooting New Downloadable ACL Configurations
    - Troubleshooting Existing Downloadable ACL Configurations
    - Troubleshooting New NAR Configurations
    - Troubleshooting Existing NAR Configurations
    - Troubleshooting New Command Authorization Set Configurations
    - Troubleshooting Existing Command Authorization Set Configurations
    - Common Issues of Network Access Restrictions
    - And Do Not Forget the Importance of Documentation
    - Summary
  - 11. System Configuration
  - 12. Reports and Logging for Windows Server
  - 13. Exploring TACACS+ Attribute Values
    - TACACS+ AV Pairs Overview
    - Attributes of TACACS+ AV Pairs
    - acl=
    - addr=
    - addr-pool=
    - autocmd=
    - callback-dialstring=, callback-line=, and callback-rotary=
    - cmd=
    - cmd-arg=
    - dns-servers=
    - gw-password=
    - idletime=
    - inacl#n
    - inacl=
    - interface-config#<n>
    - ip-addresses=
    - link-compression=
    - load-threshold=n
    - max-links=n
    - nas-password
    - nocallback-verify
    - noescape=
    - nohangup=
    - old-prompts=
    - outacl=
    - outacl#n
    - pool-def#n
    - pool-timeout=
    - ppp-vj-slot-compression=
    - priv-lvl=
    - protocol=
    - route=
    - route#n
    - routing=
    - rte-ftr-in#n
    - rte-ftr-out#n
    - sap-fltr-in#n
    - sap-fltr-out#n
    - sap#n
    - service=
    - source-ip=
    - timeout=
    - tunnel-id
    - wins-servers=
    - zonelist=
    - AV Pair Example PPP Network
    - Understanding TACACS+ AV Pairs in the ACS Interface
    - Summary
- III. Service Provider AAA and the Cisco Access Registrar
  - 14. Service Provider AAA and the Cisco CNS Access Registrar
  - 15. Configuring the Cisco Access Registrar
- IV. Appendix
Product information
- Title: Cisco Access Control Security: AAA Administrative Services
- Author(s):
- Release date: May 2004
- Publisher(s): Cisco Press
- ISBN: 9781587051241