The Cisco Secure ACS for Windows Server web browser interface makes
administration of AAA features easy.
Navigation Buttons Each
of the buttons on the navigational bar represents a particular area or function
that can be configured. Depending on the configuration, it may not be necessary
to configure all of the areas. Select one of these buttons to begin
configuring:
User Setup – Add, edit, delete user accounts, and list users in
databases.
Group Setup – Create, edit, rename groups, and list all users in a
group.
Shared Profile Components – Develop and name reusable, shared sets of
authorization components which may be applied to one or more users or groups of
users and referenced by name within their profiles. Components include network
access restrictions (NARs), command authorization sets, and downloadable PIX
Security Appliance access control lists (ACLs).
Network Configuration – Configure and edit AAA clients and server
parameters, add and delete network access clients and servers, and configure
AAA server distribution parameters.
System Configuration – Start and stop Cisco Secure ACS services, configure
logging, control database replication, and control RDBMS synchronization.
Interface Configuration – Configure user defined fields that will be
recorded in accounting logs, configure TACACS+ and RADIUS options, and control
display of options in the user interface.
Administration Control – Control administration of Cisco Secure ACS from
any workstation on the network.
External User Databases – Configure the unknown user policy, configure
authorization privileges for unknown users and configure external database
types.
Reports and Activity – Select Reports & Activity in the
navigational bar to view the following information. These files can be imported
into most database and spreadsheet applications. The following is a partial
list of the types of reports available when accessing Reports &
Activity:
TACACS+ Accounting Report – Lists when sessions stop and start, records
network access server messages with username, provides caller line
identification information, and records the duration of each session
RADIUS Accounting Report – Lists when sessions stop and start, records
network access server messages with username, provides caller line
identification information, and records the duration of each session.
Failed Attempts Report – Lists authentication and authorization failures
with an indication of the cause.
Logged-In Users – Lists all users currently receiving services for a single
network access server or all network access servers with access to Cisco Secure
ACS.
Disabled Accounts – Lists all user accounts that are currently
disabled.
Admin Accounting Reports – Lists configuration commands entered on a
TACACS+ (Cisco) network access server.
Online Documentation – Provides more detailed information about the
configuration, operation, and concepts of Cisco Secure ACS.