1-21
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 1 Overview
AAA Server Functions and Concepts
Other Authorization-Related Features
In addition to the authorization-related features discussed in this section, the
following features are provided by Cisco Secure ACS:
•Group administration of users, with support for 500 groups (see Chapter 6,
“User Group Management”).
•Ability to map a user from an external user database to a specific
Cisco Secure ACS group (see Chapter 16, “User Group Mapping and
Specification”).
•Ability to disable an account after a number of failed attempts, specified by
the administrator (see Setting Options for User Account Disablement,
page 7-20).
•Ability to disable an account on a specific date (see Setting Options for User
Account Disablement, page 7-20).
•Ability to disable groups of users (see Group Disablement, page 6-4).
•Ability to restrict time-of-day and day-of-week access (see Setting Default
Time-of-Day Access for a User Group, page 6-5).
•Network access restrictions (NARs) based on remote address caller line
identification (CLID) and dialed number identification service (DNIS) (see
Setting Network Access Restrictions for a User Group, page 6-8).
•Downloadable ACLs for users or groups, enabling centralized, modular ACL
management (see Downloadable IP ACLs, page 5-7).
•Network access filters, enabling you to apply different downloadable ACLs
and NARs based upon a user’s point of entry into your network (see Network
Access Filters, page 5-2).
•IP pools for IP address assignment of end-user client hosts (see Setting IP
Address Assignment Method for a User Group, page 6-28).
•Per-user and per-group TACACS+ or RADIUS attributes (see Advanced
Options, page 3-4).
•Support for Voice-over-IP (VoIP), including configurable logging of
accounting data (see Enabling VoIP Support for a User Group, page 6-4).