H-7
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
AppendixH Ci scoSecure ACS Internal Architecture CSMon
TACACS+ AdministrationContains the log files of TACACS+
administration events
VoIP AccountingContains the log files of successful authentication and
authorization activity for Voice over IP (VoIP) users
CSMon
CSMon is a service provided as a part of Cisco Secure ACS that facilitates
minimum down time in a remote access network environment. CSMon performs
four basic activities:
MonitoringMonitors the overall status of Cisco Secure ACS and the
system on which it is running
RecordingRecords and reports all exceptions to a special log file
NotificationAlerts the administrator to potential problems and real events
regarding Cisco Secure ACS and records all such problems
ResponseAttempts to automatically and intelligently fix detected
problems
CSMon works for both TACACS+ and RADIUS and automatically detects which
protocols are in use.
Note CSMon is not intended as a replacement for system, network, or application
management applications but is provided as an application-specific utility that
can be used with other, more generic system management tools.

Monitoring

CSMon actively monitors three basic sets of system parameters:
Generic host system stateWindows NT/2000 itself provides several built-in
utilities, such as the Event Log and Performance Monitor, to monitor overall
system health, and there are several commercial applications available.
CSMon monitors a small number of additional key system thresholds:
Available space on the system hard disk (the drive with the
WindowsNT/2000 directory).