Monitoring – Cisco 3.3 User Manual

G-5

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Appendix G Internal Architecture

CSMon

Note

CSMon is not intended as a replacement for system, network, or application
management applications but is provided as an application-specific utility that can
be used with other, more generic system management tools.

CSMon performs four basic activities, outlined in the following topics:

•

Monitoring, page G-5

•

Recording, page G-6

•

Notification, page G-7

•

Response, page G-7

Monitoring

CSMon monitors the overall status of Cisco Secure ACS and the system on which
it is running. CSMon actively monitors three basic sets of system parameters:

•

Generic host system state—CSMon monitors the following key system
thresholds:

–

Available hard disk space

–

Processor utilization

–

Physical memory utilization

All events related to generic host system state are categorized as “warning
events”.

•

Application-specific performance

–

Application viability—CSMon periodically performs a test login using
a special built-in test account (the default period is one minute).
Problems with this authentication can be used to determine if the service
has been compromised.

–

Application performance thresholds—CSMon monitors and records
the latency of each test authentication request (the time it takes to receive
a positive response). Each time this is performed, CSMon updates a
variable containing the average response time value. Additionally, it
records whether retries were necessary to achieve a successful response.
By tracking the average time for each test authentication, CSMon can