Chapter2 De ploying CiscoSecure ACS
Basic Deployment Factors for CiscoSecure ACS
2-4
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
For the latest information about tested browsers and other third-party
applications, such as Novell NDS clients and token-card clients, see the Release
Notes. The latest version of the Release Notes is posted on http://www.cisco.com.

Network Requirements

Your network should meet the following requi rements before you be gin installing
Cisco Secure ACS.
To have CiscoSecure ACS use the Grant Dial-in Permission to User feature
in Windows when authorizing network users, make sure this option is
checked in the Windows NT User Manager or Windows 2 000 Active
Directory Users and Computers for the applicable user accounts.
For full TACACS+ and RADIUS support on Cisco IOS devices, make sure
that your AAA clients are running Cisco IOS Release 11.2 or later.
Make sure that any non-Cisco IOS AAA clients can be configured with
TACACS+ and/or RADIUS.
Make sure that dial-in, VPN, or wireless clients can successfully connect to
the applicable AAA clients.
Make sure that the Windows server can ping AAA clients.
Make sure a compatible web browser is installed on the Windows server. For
more information, see the Third-Party Software Requirements section on
page 2-3.
Basic Deployment Factors for Cisco Secure ACS
Generally, the ease in deploying CiscoSecure ACS is directly related to the
complexity of the implementation planned and the degree to which you have
defined your policies and requirements. This section presents some of the basic
factors you should consider before you begin implementing CiscoSecure ACS.
This section includes the following topics:
Network Topology, page2-5
Remote Access Policy, page2-13
Security Policy, page2-14