Cisco Secure Access Control Server for Windows
Authentication and user databases

Authentication determines user identity and verifies the information. Traditional authentication uses a name and a fixed password. More modern and secure methods use technologies such as CHAP and one-time passwords (OTPs). Cisco Secure ACS supports a wide variety of these authentication methods.

There is a fundamental implicit relationship between authentication and authorization. The more authorization privileges granted to a user, the stronger the authentication should be. Cisco Secure ACS supports this fundamental relationship by providing various methods of authentication.

Network administrators who offer increased levels of security services, and corporations that want to lessen the chance of intruder access resulting from password capturing, can use an OTP. Cisco Secure ACS supports several types of OTP solutions, including PAP for Point-to-Point Protocol (PPP) remote-node login. Token cards are considered one of the strongest OTP authentication mechanisms.

Cisco Secure ACS supports a variety of user databases . In addition to the CiscoSecure user database, Cisco Secure ACS supports several external user databases, including the following:

  • Windows NT/2000 User Database
  • Generic LDAP
  • Novell NetWare Directory Services (NDS)
  • Open Database Connectivity (ODBC)-compliant relational databases
  • CRYPTOCard token server
  • SafeWord token server
  • AXENT token server
  • RSA SecureID token server
  • ActivCard token server
  • Vasco token server