CHAPT ER
2-1
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
2
Deploying Cisco Secure ACSDeployment of Cisco Secure Access Control Server for Windows NT/2000
Servers Version 3.0 (Cisco Secure ACS) can be a complex and iterative process
that differs depending on the specific implementation required. This chapter
provides insight into many aspects of the deployment process; it is designed not
as a one-size-fits-all procedure, but as a collection of interconnected factors that
you should consider before you install Cisco Secure ACS.
The level of complexity in deploying CiscoSecure ACS reflects the evolving
nature of AAA servers in general, and the advanced capabilities, flexibility, and
features of Cisco Secure ACS in particular. When AAA was first conceived, its
main purpose was to provide a centralized point of control for user access via
dial-up services. As user databases grew and the locations of the access servers
became more dispersed, more capability was required of the AAA server.
Regional, then global, requirements became common. Today, CiscoSecure ACS
is required to provide AAA services for dial-up access, dial-out access, wireless,
VLAN access, firewalls, VPN concentrators, administrative controls, and more.
The list of external databases supported has also continued to grow and the
employment of multiple databases, as well as multiple Cisco Secure ACSs, has
become more common. Regardless of the scope of your particular
Cisco Secure ACS deployment, the information contained in this chapter should
prove valuable. If you have particular deployment questions not addressed in this
guide, contact your Cisco technical representative for assistance.
This chapter contains the following sections:
•Basic Deployment Requirements for CiscoSecure ACS, page2-2
•Basic Deployment Factors for Cisco Secure ACS, page 2-4
•Suggested Deployment Sequence, page 2-18