1-3
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter1 Introducing ACS 5.4
ACS Licensing Model
ACS 4.x did not provide incremental replication, only full replication, and there was service downtime
for replication. ACS 5.4 provides incremental replications with no service downtime.
You can also force a full replication to the secondary instance if configuration changes do not replicate
it. Full replication is used when a new secondary instance is registered and other cases when the
replication gap between the secondary instance and the prima ry instance is significant.
Table 1 -1 lists some of the differences between ACS 4.x and 5.4 replication.
For more information about setting up a distributed deployment, see Configuring System Operations,
page 17-1.
Note Replication does not work in ACS servers if you use the Cisco Overlay Transport Virtualization
technology in your Virtual Local Area Network.
Note Network Address Translation (NAT) is not supported in an ACS distributed deployment environment.
That is, if the network address of a primary or secondary instance is translated, then the database
replication may not work properly, and it may display a shared secret mismatch error.
ACS Licensing Model
You must have a valid license to operate ACS; ACS prompts you to install a valid base license when you
first access the web interface. Each server requires a unique base license in a distributed deployment.
For information about the types of licenses you can install, see Types of Licenses, page18-34. For more
information about licenses, see Licensing Overview, page 18-34.
Related Topic
ACS Distributed Deployment, page 1-2
ACS Management Interfaces
This section contains the following topics:
Table1-1 Differences Between ACS 4.x and 5.4 Replication
ACS 4.x ACS 5.4
You can choose the data items to be replicated. You cannot choose the data items to be replicated.
All data items, by default are replicated.
Supports multi-level or cascading replication. Supports only a fixed flat replication. Cascading
replication is not supported.
Some data items, such as the external database
configurations, are not replicated.
All data items are replicated except the database
key, database certificate, and master keys. The
server certificates, Certificate Signing Requests
(CSRs), and private keys are replicated, but they
are not shown in the interface.