H-7
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
AppendixH Ci scoSecure ACS Internal Architecture CSMon
•TACACS+ Administration—Contains the log files of TACACS+
administration events
•VoIP Accounting—Contains the log files of successful authentication and
authorization activity for Voice over IP (VoIP) users
CSMonCSMon is a service provided as a part of Cisco Secure ACS that facilitates
minimum down time in a remote access network environment. CSMon performs
four basic activities:
•Monitoring—Monitors the overall status of Cisco Secure ACS and the
system on which it is running
•Recording—Records and reports all exceptions to a special log file
•Notification—Alerts the administrator to potential problems and real events
regarding Cisco Secure ACS and records all such problems
•Response—Attempts to automatically and intelligently fix detected
problems
CSMon works for both TACACS+ and RADIUS and automatically detects which
protocols are in use.
Note CSMon is not intended as a replacement for system, network, or application
management applications but is provided as an application-specific utility that
can be used with other, more generic system management tools.
Monitoring
CSMon actively monitors three basic sets of system parameters:
•Generic host system state—Windows NT/2000 itself provides several built-in
utilities, such as the Event Log and Performance Monitor, to monitor overall
system health, and there are several commercial applications available.
CSMon monitors a small number of additional key system thresholds:
•Available space on the system hard disk (the drive with the
WindowsNT/2000 directory).