
Designing Access Controls
Choose RADIUS Servers
Table 3-67. RADIUS Server Locations (Centralizing Policies)
Access Control | Access Control | RADIUS Server | RADIUS Server | Credential | Credential | ||
Component | Architecture | Devices | Location | Repository | Repository | ||
Combination |
|
|
|
|
|
| Location |
General | Software servers or | One or more at | Directory | Central site | |||
| centralized | NAC 800s | central site | service |
| ||
General | Software servers or | One or more at | Directory | Central site | |||
| distributed AAA | NAC 800s | each site | service |
| ||
| with centralized |
|
|
|
|
|
|
| policies |
|
|
|
|
|
|
Integrated server | AP 530s or Wireless | One or more at | Directory | Central site | |||
| distributed AAA | Edge Services | each site | service |
| ||
| with centralized | Modules |
|
|
|
| |
| policies |
|
|
|
|
|
|
Integrated server/ | • | AP 530s or | • | One or more | Directory | Central site | |
proxy | centralized |
| Wireless Edge |
| integrated | service |
|
|
|
| Services |
| servers at each |
|
|
|
|
| Modules |
| site |
|
|
|
| • | Softwareservers | • | One or more |
|
|
|
|
| or NAC 800s |
| proxy servers at |
|
|
|
|
|
|
| central site |
|
|
Integrated server/ | • | AP 530s or | One or more at | Directory | Central site | ||
proxy | distributed AAA |
| Wireless Edge | each site | service |
| |
| with centralized |
| Services |
|
|
|
|
| policies |
| Modules |
|
|
|
|
|
| • | Softwareservers |
|
|
|
|
|
|
| or NAC 800s |
|
|
|
|
Turnkey server | Software servers or | One or more at | Software | One (or two) | |||
| centralized | NAC 800s | central site | servers or NAC | servers at central | ||
|
|
|
|
|
| 800s | site |
Turnkey server | Software servers or | One or more at | Software | One (or two) | |||
| distributed AAA | NAC 800s | each site | servers or NAC | servers at central | ||
| with centralized |
|
|
|
| 800s | site |
| policies |
|
|
|
|
|
|
Integrated server/ | • | AP 530s or | • | One or more | Software | One (or two) | |
proxy with turnkey | centralized |
| Wireless Edge |
| integrated | servers or NAC | servers at central |
server |
|
| Services |
| servers at each | 800s | site |
|
|
| Modules |
| site |
|
|
|
| • | Softwareservers | • | One or more |
|
|
|
|
| or NAC 800s |
| proxy servers at |
|
|
|
|
|
|
| central site |
|
|
Integrated server/ | • | AP 530s or | One or more at | Software | One (two) servers | ||
proxy with turnkey | distributed AAA |
| Wireless Edge | each site | servers or NAC | at central site | |
server | with centralized |
| Services |
|
| 800s |
|
| policies |
| Modules |
|
|
|
|
|
| • | Softwareservers |
|
|
|
|
|
|
| or NAC 800s |
|
|
|
|
|
|
|
|
|
|
|
|