1-17
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter1 Overview of Cisco Secure ACS AAA Server Functions and Concepts

Other Authorization-Related Features

In addition to the authorization-related features discussed in this section, the
following features are provided by Cisco Secure ACS:
Group administration of users, with support for up to 500 groups (see the
Setting Up and Managing User Groups section on page 6-1)
Ability to map a user from an external user database to a specific
Cisco Secure ACS group (see the Database Group Mappings section on
page 12-10)
Ability to disable an account after a number of failed attempts, specified by
the administrator (see the Setting Options for User Account Disablement
section on page 7-21)
Ability to disable an account on a specific date (see the Setting Options for
User Account Disablement section on page 7-21)
Ability to restrict time-of-day and day-of-week access (see the Setting
Default Time of Day Access for a User Group section on page 6-5)
Ability to restrict network access based on remote address caller line
identification (CLID) and dialed number identification service (DNIS) (see
the Setting Network Access Restrictions for a User Group section on
page 6-7)
IP Pools for IP address assignment of end-user client hosts (see the Setting
IP Address Assignment Method for a User Group section on page6-26)
Per-user and per-group TACACS+ or RADIUS attributes (see the Advanced
Options section on page 3-4)
Support for Voice over IP (VoIP), including configurable logging of
accounting data (see the Enabling VoIP Support for a User Group section
on page 6-4)
Accounting
AAA clients use the accounting functions provided by the RADIUS and
TACACS+ protocols to communicate relevant data for each user session to the
AAA server for recording. Cisco Secure ACS writes accounting records to a
comma-separated value (CSV) log file or ODBC database, depending upon your