|
|
This section discusses the objectives, audience, and organization of the CiscoSecure ACS 2.1.2 for UNIX User Guide.
Cisco technical documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM, a member of the Cisco Connection Family, is updated monthly. Therefore, it might be more up to date than printed documentation. To order additional copies of the Documentation CD-ROM, contact your local sales representative or call customer service. The CD-ROM package is available as a single package or as an annual subscription. You can also access Cisco documentation on the World Wide Web at http://www.cisco.com, http://www-china.cisco.com, or http://www-europe.cisco.com.
The objective of this document is to help you configure and use the CiscoSecure Access Control Server (ACS) 2.1.2 for UNIX (Solaris) software and review some basic concepts of network security. For sample file formats, guidelines for troubleshooting, and a list of references and recommended reading, see the appendixes.
This guide was written for system administrators who use the CiscoSecure ACS software to set up and maintain accounts and dial-in network security.
The major sections of this guide are as follows:
| This Chapter: | Contains: |
|---|---|
| Chapter 1, "Introduction to the CiscoSecure ACS Software" | Overview of the CiscoSecure ACS software; defines package contents and system requirements; describes features of the software; and provides general information on network security. |
| Chapter 2, "Preparing to Install the CiscoSecure ACS Software" | Information you need and a checklist to be completed before you begin installing the CiscoSecure ACS software. |
| Chapter 3, "Installing the CiscoSecure ACS Software" | Information on installing the CiscoSecure ACS software on a SPARC Solaris platform. Separate instructions are provided for installing from a CD-ROM and by downloading files from a web site. |
| Chapter 4, "Managing User Authentication and Authorization" | Information on creating and assigning Terminal Access Controller Access Control System (TACACS+) protocol and Remote Authentication Dial-In User Service (RADIUS) protocol attributes to users and user groups. Management includes changing user passwords; adding, deleting, and copying groups and users; changing attributes and values; and other database maintenance tasks. |
| Chapter 5, "Applying TACACS+ and RADIUS Attributes" | Information about the CiscoSecure ACS features, including attributes and sample files. |
| Chapter 6, "CiscoSecure ACS Accounting" | Information on the CiscoSecure ACS software accounting database file and the instructions for enabling accounting. |
| Chapter 7, "Configuring the NAS TACACS+" | Information on configuring the NAS for authentication, authorization, and accounting if you are using the TACACS+ protocol. |
| Chapter 8, "Configuring the NAS for RADIUS" | Information on configuring the NAS for authentication, authorization, and accounting if you are using the RADIUS protocol. |
| Chapter 9, "Token Server Support" | Information on one-time password authentication and token servers. |
| Chapter 10, "Troubleshooting Information for the CiscoSecure ACS" | Information on how to identify and resolve potential problems with your CiscoSecure ACS, including timesaving tips and resources for service and support. |
| Appendix A, "Converting an Existing AA Database to a CiscoSecure ACS 2.1 Database" | Instructions for using the import utility to transfer an existing CiscoSecure database or an existing RADIUS database to the sample runtime database that can be used with CiscoSecure ACS 2.1.2. |
| Appendix B, "CiscoSecure ACS File Formats and Syntax" | Configuration parameters and syntax for the server control file, message catalogs, content and grammar conventions of the AA database, and sample configurations for setting server attributes. |
| Appendix C, "Attributes for Sample CiscoSecure ACS Group Profiles" | Samples of profiles that contain attributes for the groups that will be using several different protocols. |
| Appendix D, "NAS Configuration Examples" | Examples that you can apply directly to your own CiscoSecure ACS platform, including Lock and Key, remote-node IP and IPX dialup, ISDN dialup to a Cisco AS5200, and remote-node IP dialup. |
| Appendix E, "RADIUS Attribute-Value Pairs and Dictionary Management" | Reference information pertaining to the use of the RADIUS protocol to exchange data between your NAS and the CiscoSecure ACS. |
| Appendix F, "CiscoSecure ACS Database Structure" | Reference information on database schema. |
| Appendix G, "References and Recommended Reading" | List of other documents that you might find helpful in your management of CiscoSecure ACS software. |
| Index | Extensive list of topics covered in this guide together with relevant page numbers. |
This publication uses the following conventions to convey instructions and information:
Command descriptions use these conventions:
| This Convention: | Indicates: |
|---|---|
| boldface font | Commands and keywords |
| italic font | Variables for which you supply values |
| plain font | Filenames |
| square brackets ([ ]) | Optional elements |
| braces ({ }) | Group of required keywords |
| vertical bar ( | ) | Alternative keywords within the braces |
Examples use these conventions:
| This Convention: | Indicates: |
|---|---|
screen font
| Terminal sessions |
boldface screen font
| Information you enter |
 | Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. |
 | Time Saver Means the described action saves time. You can save time by performing the action described in the paragraph. |
|
|