Cisco Systems OL-24201-01 ACS Distributed Deployment, ACS 4.x and 5.3 Replication, Related Topics

Chapter 1 Introducing ACS 5.3

ACS Distributed Deployment

ACS provides advanced monitoring, reporting, and troubleshooting tools that help you administer and manage your ACS deployments. For more information on the monitoring, reporting, and troubleshooting capabilities of ACS, see Chapter 11, “Monitoring and Reporting in ACS.”.

For more information about using ACS for device administration and network access scenarios, see Chapter 4, “Common Scenarios Using ACS.”

Cisco Secure ACS:

•Enforces access policies for VPN and wireless users.

•Provides simplified device administration.

•Provides advanced monitoring, reporting, and troubleshooting tools.

There are several changes and enhancements in ACS 5.3 compared to ACS 5.2. For a complete list of new and changed features, see

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/release/notes/ acs_53_rn.html.

Related Topics

•ACS Distributed Deployment, page 1-2

•ACS Management Interfaces, page 1-3

ACS Distributed Deployment

ACS 5.3 is delivered preinstalled on a standard Cisco Linux-based appliance, and supports a fully distributed deployment.

An ACS deployment can consist of a single instance, or multiple instances deployed in a distributed manner, where all instances in a system are managed centrally. One ACS instance becomes the primary instance and you can register additional ACS instances to the primary instance as secondary instances. All instances have the configuration for the entire deployment, which provides redundancy for configuration data.

The primary instance centralizes the configuration of the instances in the deployment. Configuration changes made in the primary instance are automatically replicated to the secondary instance.

You can force a full replication to the secondary instance. Full replication is used when a new secondary instance is registered and in other cases when the replication gap between the secondary instance and the primary instance is significant.

Related Topic

•ACS 4.x and 5.3 Replication, page 1-2

ACS 4.x and 5.3 Replication

In ACS 4.x, you must select the database object types (or classes) you wish to replicate from primary instance to the secondary instance. When you replicate an object, a complete configuration copy is made on the secondary instance.

In ACS 5.3, any configuration changes made in the primary instance are immediately replicated to the secondary instance. Only the configuration changes made since the last replication are propagated to the secondary instance.

User Guide for Cisco Secure Access Control System 5.3