CSACS has several features that are worth noting. These features help with the administration, maintenance, and operation of CSACS. Administrative FeaturesAs mentioned earlier, you configure CSACS via a GUI-based Web browser. Also, if you want to use CSACS's internal database without the hassle of re-creating user records, there is hope. CSACS has an import function so you can import user records. CSACS can write accounting records to a CSV log file or Open Database Connectivity (ODBC) database, and the accounting files are separate for TACACS+ and RADIUS. Distributed System FeaturesCSACS would not be much good to a organization if it supported only a single server. With CSACS, you can have multiple ACSs that function as primary, backup, client, or peer systems. Therefore, you can ensure redundancy with CSACS as well as load-balance across multiple ACSs. Some of the additional distributed system features follow:
External Database FeaturesIn addition to the previously mentioned external databases, CSACS also supports the following databases:
Database Management FeaturesAll the information that can be entered and maintained by CSACS needs to be stored somewhere, and that somewhere is a database. Several features within CSACS allow for database management. Obviously, some of the database-management tools that CSACS supports are database replication and synchronization. You use the database-replication feature in fault-tolerant environments. When you are using multiple CSACS servers, it replicates the database among the various ACSs that you are using. The RDBMS synchronization feature consists of two components , the CSDBSync service and the accountActions table. The RDBMS synchronization feature allows you to update the CSACS user database from an ODBC-compliant data source. Figure 5.7 displays the System Configuration options. Using this menu, you can select RDBMS synchronization to configure database synchronization. Figure 5.7. RDBMS synchronization.
TACACS+ SupportTACACS+ support includes the ARA, Link Control Protocol (LCP), PPP, SLIP, and EXEC shell. Figure 5.8 displays the predefined protocols that you can use with the CSACS server running TACACS+. Figure 5.8. TACACS+ protocol support.
RADIUS SupportCSACS supports a number of RADIUS features, including Internet Engineering Task Force (IETF) RADIUS, custom RADIUS AV pairs, and, of course, Cisco RADIUS AV pairs. |