What is Cisco ACS?


Cisco Access Control Server (ACS) is a system that manages the accessibility of heterogeneous network devices from a central location. In order to access a resource, a user must authenticate through a router or other device. In the absence of a central server, each device must add a user to its database.

Each Cisco device can perform AAA for a user on its own, but this becomes a nightmare once the number of devices and users grows. For example, imagine you have thousands of Cisco devices and millions of user accounts. Can you imagine keeping all those local databases synchronized while user accounts keep changing, for instance because users are leaving your network?

With an access control server (ACS), we can implement a centralized AAA server for multiple devices and users. When a user needs to access a device, a profile is created locally on the ACS server and the device is configured to point to the ACS. This eliminates the need to create users locally on devices such as routers, switches, etc.

The Cisco ACS also has the option to use an external database such as Active Directory.

How does Cisco ACS work?

  • A remote client connects to the router for authentication.
  • The client's resource request reaches the router.
  • The router holds the request and displays an authentication form asking the client for the username and password.
  • After filling in the credentials, the client sends them to the router. In turn, the router passes this information to the ACS server.
  • The server checks the received credentials against its database and sends back its response to the authentication request.
  • The response finally reaches the client, who can then use the network.
  • Besides just using the network, a user may also get access to modify the user database.
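
The router-to-server leg of the steps above, as an added example that is not from the original page or from Cisco: a minimal RADIUS (RFC 2865) Access-Request and reply, assuming the device talks to the ACS over RADIUS with a plain username and password. The function names, shared secret and user database are constructed for illustration.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3   # RFC 2865 packet codes
USER_NAME, USER_PASSWORD = 1, 2                          # RFC 2865 attribute types
SECRET = b"constructed-shared-secret"                    # constructed sample value
USER_DB = {"alice": "correct horse battery"}             # constructed central database

def xor_password(data, secret, authenticator, decrypt=False):
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous cipher block)."""
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        mask = hashlib.md5(secret + prev).digest()
        res = bytes(a ^ b for a, b in zip(block, mask))
        out, prev = out + res, (block if decrypt else res)
    return out

def build_access_request(ident, user, password, secret):
    """Router side: wrap the credentials typed by the client into an Access-Request."""
    auth = os.urandom(16)                                # Request Authenticator
    pw = password.encode()
    padded = pw.ljust(max(16, -(-len(pw) // 16) * 16), b"\x00")
    pairs = ((USER_NAME, user.encode()), (USER_PASSWORD, xor_password(padded, secret, auth)))
    attrs = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in pairs)
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + auth + attrs

def parse_attrs(packet):
    """Split the attribute area (after the 20-byte header) into {type: value}."""
    attrs, pos = {}, 20
    while pos + 2 <= len(packet):
        t, length = packet[pos], packet[pos + 1]
        if length < 2:
            raise ValueError("malformed attribute")
        attrs[t], pos = packet[pos + 2:pos + length], pos + length
    return attrs

def server_reply(request, secret, user_db):
    """Server side: recover the password, check the central database, sign the reply."""
    _, ident, length = struct.unpack("!BBH", request[:4])
    req_auth, attrs = request[4:20], parse_attrs(request[:length])
    user = attrs.get(USER_NAME, b"").decode("utf-8", "replace")
    pw = xor_password(attrs.get(USER_PASSWORD, b""), secret, req_auth, decrypt=True).rstrip(b"\x00")
    known = user_db.get(user)
    ok = known is not None and hmac.compare_digest(known.encode(), pw)
    header = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, 20)
    return header + hashlib.md5(header + req_auth + secret).digest()

def router_accepts(reply, request, secret):
    """Router side: trust the reply only if its Response Authenticator matches this request."""
    expected = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + secret).digest()
    return (hmac.compare_digest(expected, reply[4:20]) and reply[1] == request[1]
            and reply[0] == ACCESS_ACCEPT)
```

The router grants access only when `router_accepts` returns true, so a reply that was not produced with the shared secret for this exact request is ignored.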

Key features of Cisco ACS

  • Easy-to-use GUI.
  • Uses the legacy RADIUS protocol.
  • Easy to modify security policies for all devices from a central place.
  • Supports a variety of database connections: ODBC, LDAP, Active Directory, etc.
  • It is a redundant and scalable solution.
  • Access servers, dial-up devices, routers, and switches can use Cisco ACS.

What are the popular supported platforms as per Cisco?

  • Windows 2000 Server.
  • Windows 2000 Advanced Server (Service Pack 4) without features specific to Windows 2000 Advanced Server enabled or without Microsoft clustering service installed (English version only).
  • Windows Server 2003, Enterprise Edition, or Standard Edition (Service Pack 1).
  • Japanese Windows Server 2003 (Service Pack 1).

Is Cisco ACS a software or hardware solution?

The AAA server solution comes with three options.

  • Hardware Solution – The server combines software and hardware in a single box.
  • Software for Windows – A software solution that can be installed on a Windows Operating System.
  • Virtual Machine Installation.