beautypg.com

Cisco 3.3 User Manual

Page 96

background image

Chapter 2 Deployment Considerations

Suggested Deployment Sequence

2-20

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

For more information about setting up administrators, see

Chapter 1,

“Overview”

.

Configure the Cisco Secure ACS HTML Interface—You can configure the
Cisco Secure ACS HTML interface to show only those features and controls
that you intend to use. This makes using Cisco Secure ACS less difficult than
it would be if you had to contend with multiple parts of the HTML interface
that you do not plan to use. The price of this convenience can sometimes be
frustration that features and controls do not appear because you failed to
configure them in the Interface Configuration section. For guidance on
configuring the HTML interface, see

Interface Design Concepts, page 3-2

.

For information about configuring particular aspects of the HTML interface,
see the following sections of the interface configuration chapter:

User Data Configuration Options, page 3-3

Advanced Options, page 3-4

Protocol Configuration Options for TACACS+, page 3-7

Protocol Configuration Options for RADIUS, page 3-11

Configure System—There are more than a dozen functions within the
System Configuration section to be considered, from setting the format for
the display of dates and password validation to configuring settings for
database replication and RDBMS synchronization. These functions are
detailed in

Chapter 8, “System Configuration: Basic”

. Of particular note

during initial system configuration is setting up the logs and reports to be
generated by Cisco Secure ACS; for more information, see

Chapter 1,

“Overview”

.

Configure Network—You control distributed and proxied AAA functions in
the Network Configuration section of the HTML interface. From here, you
establish the identity, location, and grouping of AAA clients and servers, and
determine what authentication protocols each is to use. For more information,
see

Chapter 4, “Network Configuration”

.

Configure External User Database—During this phase of deployment you
must decide whether and how you intend to implement an external database
to establish and maintain user authentication accounts. Typically, this
decision is made according to your existing network administration
mechanisms. For information about the types of databases Cisco Secure ACS
supports and instructions for establishing them, see

Chapter 13, “User

Databases”

.