Chapter1 Overview of Cisco Secure ACS
AAA Server Functions and Concepts
1-4
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
When you install Cisco Secure ACS on your server, the installation adds several
Windows services. The services provide the core of Cisco Secure ACS
functionality. For a full discussion of each service, see the CiscoSecure ACS
Internal Architecture section on page H-1. The Cisco Secure ACS services on
your Cisco Secure ACS server include the following:
CSAdmin—Provides the HTML interface for administration of
Cisco Secure ACS.
CSAuth—Provides authentication services.
CSDBSync—Provides synchronization of the CiscoSecure user database
with an external RDBMS application.
CSLog—Provides logging services, both for accounting and system activity.
CSMon—Provides monitoring, recording, and notification of
Cisco Secure ACS performance, and includes automatic response to some
scenarios.
CSTacacs—Provides communication between TACACS+ AAA clients and
the CSAuth service.
CSRadius—Provides communication between RADIUS AAA clients and
the CSAuth service.
Each module can be started and stopped individually from within the Microsoft
Service Control Panel or as a group from within the CiscoSecure ACS HTML
interface. For information about stopping and starting Cisco Secure ACS
services, see the Service Control section on page 8-2.
AAA Server Functions and Concepts
Cisco Secure ACS is a AAA server, providing authentication, authorization, and
accounting services to network devices that can act as AAA clients.
As a AAA server, Cisco Secure ACS incorporates many technologies to render
AAA services to AAA clients. Understanding CiscoSecure ACS requires
knowledge of many of these technologies. T o address the most si gnificant asp ects,
this section contains the following topics:
Cisco Secure ACS and the AAA Client, page 1-5
AAA ProtocolsTACACS+ and RADIUS, page1-5
Authentication, page 1-7