《ciscoACS5.1产品介绍.ppt》由会员分享,可在线阅读,更多相关《ciscoACS5.1产品介绍.ppt(14页珍藏版)》请在三一办公上搜索。
1、Cisco Secure ACS 5.1产品介绍,马旻 系统工程师思科战略客户部2009年12月11日,Hardware/Software Platform,ACS implements identity management and AAA servicesCD-ROM version for VMware ESX serverAppliance version delivered on hardened Linux OS Highly scalable(100,000+users,thousands of RADIUS/TACACS+devices)and feature-rich,ACS
2、 Appliance的优点,Security:The need to create a turnkey security-hardened service focused on exclusively running the Cisco Secure ACS service.The appliance provides an ability to remove all extraneous services,block all unused ports,and otherwise prevent all other access to the Cisco Secure ACS system-a
3、ll of which serve to dramatically increase its security posture.Manageability:The Cisco Secure ACS Solution Engine is a dedicated,exclusive service for AAA with no ability to install or run other services or applications.This greatly improves the support and day-to-day management of the Cisco Secure
4、 ACS system.Reliability:By targeting only the OS services required by Cisco Secure ACS,the Solution Engine appliance offers greater operational reliability and security of the Cisco Secure ACS system.SNMP Support:The Cisco Secure ACS Solution Engine supports Simple Network Management Protocol(SNMP)v
5、1 and v2c(read only),so that external systems can monitor the appliance.SNMP support includes support for MIB-II and HOST-RESOURCES-MIB.Plug and Play:The Cisco Secure ACS Solution Engine is shipped pre-installed with Cisco Secure ACS application software,greatly reducing thetime it takes to setup an
6、d deploy a Cisco Secure ACS solution into your network.,ACS Appliance 5.1配置说明,Licenses类型解释:CSACS-5-ADV-LIC 主要用于6500交换机和Nexus7K交换机使能TrustSec 特性Cisco Catalyst 6500 running Cisco IOS 12.2(33)SXI and Nexus 7000 NX-OS 4.0.3 devices support TrustSecCSACS-5-LRG-LIC 主要用于支持超过500个网络设备的环境Base license 主要用于支持小于5
7、00个网络设备的环境,Cisco 1121 Secure Access Control System 设备介绍,high x wide x deep(44.5mm x 440.0mm x 559.0mm).重量 11.0 kg 到 12.7 kg 之间 CPU:Intel Core 2 Duo 2.4-GHz processor with an 800-MHz front side bus(FSB)and 2 MB of Layer 2 cache.Four synchronous dynamic RAM(SDRAM)slots that are installed with 4 GB.Two
8、 250-GB SATA hard drives installed.A fixed RJ-45 10BASE-T/100BASE-TX/1000BASE-T network interface connector(located on the rear panel).One DVD-ROM drive(located on the front panel).,ACS5.1只能安装在VMware ESX 3.5 或 ESX 4.0 上,ACS 5.1 软件配置说明,Features Unique to the ACS Appliance,Security-hardened underlying
9、 OS.Port-based packet filtering,allowing connections only to the ports necessary for Cisco Secure ACS operation.Serial console interface for initial configuration,subsequent management of IP connections,Web interface,and application of upgrades and remote reboots.The serial console interface support
10、s both serial line and Telnet connections.SNMP read-only support to monitor the appliance from external systems.Backup/restore of the Cisco Secure ACS data via FTP.Recovery procedures.Network Timing Protocol(NTP)support for maintaining network time consistency with other appliances or network devices.,ACS 5.1新增特性,TACACS+EnhancementsIdentity Store EnhancementsSupport for Additional ProtocolsAdministrator Access Feature EnhancementsPolicy Condition EnhancementsMonitoring and Troubleshooting EnhancementsOther Feature Enhancements,最基本部署方式,负载分担部署模式,大规模部署方式,多站点分布部署,计算需要ACS服务器数量的经验公式,