IBM Tivoli and Cisco User Manual

42

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

for network devices and other services. The various components that constitute
the ACS and a brief description of their functions are discussed here.

The ACS architecture consists of seven services bundled within ACS. Figure 3-2
shows the internal ACS components and their functions.

Figure 3-2 ACS architecture

Here are brief explanations for the ACS services:

CSAdmin

Provides an HTML interface for administration of ACS

CSAuth

Provides authentication services

CSDBSync

Provides synchronization of the internal ACS user database
with third-party external RDBMS applications

CSlog

Provides logging services both for accounting and system
activity

CSTacacs

Provides communication between TACACS+ AAA clients and
the CSAuth service

CSRadius

Provides communication between RADIUS AAA clients and
the CSAuth service

CSMon

Provides monitoring, recording, and notification of ACS
performance and includes automatic response to some
scenarios

CSAdmin

CSAuth

CSDBSync

CSlog

CSTacacs

CSRadius

CSMon

Administration

Authentication

External DB

sync

Logging

TACACS

communication

Monitoring

RADIUS

communication

Service

Function