The Cisco Secure Access Control Server (CSACS) is Cisco's AAA server that supports both the RADIUS and TACACS+ protocols. The software provides centralized AAA services for AAA clients such as the PIX firewall. It is also very scalable, with the option to use its own user database or connect to an external user database, such as one of these:
The CSACS can be installed onto Unix or Microsoft Windows Server. Cisco uses a Web page front-end to configure the system. The following are some of the Windows requirements:
During the installation, the software asks for at least one network access server (NAS) to be set up. A NAS is an AAA client, and in this case it's the PIX firewall (see Figure 10.3). CSACS can support up to 2,000 AAA clients.
Figure 10.3. The CSACS NAS dialog box.