What is Cisco ACS?


The Cisco Access Control Server (ACS) is an AAA (authentication, authorization, and accounting) management system that allows access to all heterogeneous network devices to be managed centrally. To reach a resource, a user must authenticate through a router or other device. Without a central server, each device has to add the user to its own database.

That way each Cisco device can perform AAA for a user, but it becomes a nightmare once the number of devices and users grows. As a simple example, imagine you have thousands of Cisco devices and millions of user accounts: all of those local databases would have to stay synchronized while user records keep changing, for instance because users are leaving your network.

With an access control server (ACS), we can implement a centralized AAA server for multiple devices and users. When a user needs access to a device, a profile is created locally on the ACS server and the device is configured to point to the ACS. This eliminates the need to create users locally on devices such as routers and switches.

Cisco ACS also comes with an option to use an external database such as Active Directory.

How does Cisco ACS work?

  • A remote client connects to the router for authentication.
  • A resource request reaches the router.
  • The router holds the request and displays an authentication form to the client for the user name and password.
  • After filling in the credentials, the client sends them to the router. In turn, the router passes this information to the ACS server.
  • On an authentication request, the server checks the received credentials against its database and sends back the response.
  • The response finally reaches the client, who can then use the network.
  • Beyond just using the network, a user may also be given access to modify the user database.

What are the key features of Cisco ACS?

  • Easy-to-use GUI.
  • Uses the legacy RADIUS protocol.
  • Easy to modify security policies for all devices from a central place.
  • Supports a variety of database connections: ODBC, LDAP, Active Directory, etc.
  • It is a redundant and scalable solution.
  • Access servers, dial-ups, routers, and switches can use Cisco ACS.
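
The router-to-server exchange from the steps above, carried over the RADIUS protocol listed among the features, as an added Python example that is not Cisco code or part of the original page. It follows RFC 2865, which goes beyond the page's level of detail; the function names, the shared secret and the user records passed in are assumptions made for illustration.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RFC 2865 codes (added example, names illustrative)
USER_NAME, USER_PASSWORD = 1, 2                         # RFC 2865 attribute types

def hide_password(password, secret, req_auth):
    """Router side: XOR each 16-byte block with MD5(secret + previous block)."""
    padded = password.ljust(max(16, -(-len(password) // 16) * 16), b"\x00")
    out, prev = b"", req_auth
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out += prev
    return out

def reveal_password(hidden, secret, req_auth):
    """Server side: reverse hide_password using the same shared secret."""
    out, prev = b"", req_auth
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = hidden[i:i + 16]
        out += bytes(c ^ m for c, m in zip(prev, mask))
    return out.rstrip(b"\x00")

def build_access_request(ident, user, password, secret):
    """What the router sends to the AAA server after collecting credentials."""
    req_auth = os.urandom(16)  # fresh Request Authenticator for every request
    attrs = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in (
        (USER_NAME, user), (USER_PASSWORD, hide_password(password, secret, req_auth))))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs

def server_reply(request, secret, users):
    """AAA server: check credentials against its database, then sign the answer."""
    ident, req_auth, attrs, pos = request[1], request[4:20], {}, 20
    while pos + 2 <= len(request):
        t, length = request[pos], request[pos + 1]
        if length < 2 or pos + length > len(request):
            raise ValueError("malformed attribute")
        attrs[t] = request[pos + 2:pos + length]
        pos += length
    user = attrs.get(USER_NAME, b"")
    password = reveal_password(attrs.get(USER_PASSWORD, b""), secret, req_auth)
    ok = user in users and hmac.compare_digest(users[user], password)
    header = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, 20)
    return header + hashlib.md5(header + req_auth + secret).digest()

def verify_reply(reply, request, secret):
    """Router: accept the answer only if it is bound to our request and secret."""
    expected = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + secret).digest()
    return reply[1] == request[1] and hmac.compare_digest(reply[4:20], expected)
```

Only the User-Password attribute is hidden, and only with MD5 keyed by the shared secret; the user name travels in clear, so the strength of that secret and the isolation of the path between device and server carry the protection.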

What are the popular supported platforms according to Cisco?

  • Windows 2000 Server
  • Windows 2000 Advanced Server (Service Pack 4) without features specific to Windows 2000 Advanced Server enabled or without Microsoft clustering service installed (English version only)
  • Windows Server 2003, Enterprise Edition or Standard Edition (Service Pack 1)
  • Japanese Windows Server 2003 (Service Pack 1)

Is Cisco ACS a software or hardware solution?

The AAA server solution comes with three options.

  • Hardware Solution – The server comes with software and hardware in a single box.
  • Software for Windows – A software solution that can be installed on a Windows Operating System.
  • Virtual Machine Installation.