From: Brian Dennis (brian@xxxxxx)
Date: Sat Jan 05 2002 - 22:47:03 GMT-3
Jay,
The ACS (Access Control Server) is an application on the Windows or Unix
box. It doesn't run on the AS5300. The AS5300 "uses" the ACS to
authenticate, authorize and account for a users activity. Think of it as the
central point in a network that all devices authenticate too. Any device
could use it to authenticate a user. Be it a Cat5000, 2501, AS5300,
whatever. If you didn't have something like a ACS server, you would have to
configure every username and password on every device. Just removing or
adding one user would be a headache. Not to mention the issues with trying
to authorize or account for a users activity.
As a side note you can get TACACS+ and Radius for free. The Cisco ACS
software just provides a nice interface to the TACACS+ and Radius software.
With the Winblows version it will also authenticate to the NT
username/password database.
Brian Dennis, CCIE #2210 (R&S)(ISP/Dial) CCSI #98640
5G Networks, Inc.
brian@5g.net
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Jay Chandradas
> Sent: Saturday, January 05, 2002 4:48 PM
> To: ccielab@groupstudy.com
> Subject: Cisco NAS and CSNT/UNIX
>
>
> Hi guys,
>
>
> I have a basic question on Cisco Network Acess server. May be I
> am confused.
>
> Is there a relation between using a Cisco ACS like a AS5300
> versus Using a
> Cisco secure ACS for NT/UNIX. Is these two units serving two different
> purposes.
>
> I understand CSNT is used for configuring RADIUS and TACACS and
> connect to
> a perimeter router router. Where does the BOX AS5300 ( NAS )
> comes into the
> picture of designing Network Security.
>
> TIA
>
> Jay
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:56:17 GMT-3