| | |  | Computer Security | Home » » Cisco Access Control Security: AAA Administration Services | | | | | | | Description: | | Hands-on techniques for enabling authentication, authorization, and accounting - Understand the security concepts behind the AAA framework
- Learn message formats, communication, and message encryption using the TACACS+ and RADIUS protocols
- Configure and troubleshoot AAA on Cisco routers
- Understand where to position and install the CSACS in your network
- Explore and customize the CSACS interface
- Configure CSACS user accounts, user groups, and shared profile components
- Add AAA clients and manage network connections
- Configure external databases and perform database replication and backup
- Explore the various reports and logs available in CSACS
- Learn how AAA models apply to service provider environments
- Install and configure Cisco Access Registrar
As network infrastructures evolve, it is increasingly important that access to vital corporate resources is vigilantly monitored and controlled. The Cisco identity management solutions, including Cisco Secure Access Control Server (CSACS), address this requirement, enabling security, control, and administration of the growing population of users that connect to corporate networks. CSACS, an essential component of the Cisco Identity Based Networking Services (IBNS) architecture, extends access security by combining authentication, user and administrator access, and policy control from a centralized identity-networking framework. This allows greater flexibility and mobility, increased security, and user productivity gains. Cisco Access Control Security provides you with the skills needed to configure authentication, authorization, and accounting (AAA) services on Cisco devices. Separated into three parts, this book presents hard-to-find configuration details of centralized identity networking solutions. Part I provides an overview of the AAA architecture, complete with discussions of configuring Cisco routers for AAA. Part II addresses enterprise AAA management with CSACS, including installation, configuration, and management details. Part III looks at service provider AAA management with Cisco Access Registrar. Full of detailed overviews, diagrams, and step-by-step instructions for enabling essential access control solutions, Cisco Access Control Security is a practical tool that can help enforce assigned access policies and simplify user management. "This book manages the rare combination of being highly accurate and technically astute, while maintaining an easy readability and flow. It is a great guide for system administrators looking to design or manage a reliable, scalable, and secure Access Control deployment for any size organization."
-Jeremy Steiglitz, ACS Group Product Manager, Cisco Systems This book is part of the Networking Technology Series from Cisco Press, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers. | | | Product Details: | | | Author:
| Brandon James Carroll | | Paperback:
| 456 pages | | Publisher:
| Cisco Press | | Publication Date:
| June 06, 2004 | | Language:
| English | | ISBN:
| 1587051249 | | Product Length:
| 9.16 inches | | Product Width:
| 7.35 inches | | Product Height:
| 0.97 inches | | Product Weight:
| 1.71 pounds | | Package Length:
| 9.4 inches | | Package Width:
| 7.7 inches | | Package Height:
| 1.23 inches | | Package Weight:
| 2.1 pounds | | Average Customer Rating:
|  based on 6 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 6 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
3 of 3 found the following review helpful:
 Excellent book if you want to deploy and maintain CSACSSep 19, 2005
By Rik Guyler
"Solutions Architect"
Brandon Carroll's Cisco Access Control Security: AAA Administration Services is worthy of consideration by anybody with either a current or future deployment of CSACS (Cisco Secure ACS). While not an all-inclusive reference, this book will get you started in the right direction. Brandon takes a large motley mixture of Cisco documentation and condenses it down to a format that is informative and easy to read.
The things I like about this book:
I found Cisco Access Control Security: AAA Administration Services a very easy read compared to the actual documentation for CSACS. Brandon does not make the same assumption as the Cisco documentation authors do in that you already know this product of the concepts of this product fairly well. Instead, he takes the approach that you know very little about the product and starts with the basics.
Starting with a technology overview, Brandon then takes you through CSACS installation, configuration and then troubleshooting. There are even several configuration examples for the client devices, such as Cisco routers and switches, firewalls, VPN devices and access points.
The style in which this book was published makes it very legible and easy to follow. I found that it contains a nice mixture of screenshots, configuration examples and diagrams, which has become a trademark of Cisco Press publications. I also did not find the numerous obvious errors that seem to be typical of most technical books.
The information was given in a clear and concise manner without a lot of fluff. With only 431 pages (including index), there was very little written that was not important to the topic. After having read dozens of technical books, this was a refreshing change of pace from the 1000+ page tomes that contain no more real content than this book does.
The things I do not like about this book:
While this book is excellent for taking you through the basics of CSACS, it is not in-depth enough to be of much interest to an advanced Engineer looking to dig into the nuts and bolts of CSACS. If your goal when considering this book is to help you get your deployment up and running with a minimum of effort than this is the book for you but don't expect it to take you deep into how RADIUS or TACACS+ works.
I also do not believe that this book should have included the chapters on the Cisco CNS AR product, which is typically deployed by service providers and so a significantly different product than CSACS. Providing only a couple of chapters to this product does not do it justice. I would have preferred a quick blurb describing the product rather than dedicating two entire chapters that serve very little practical purpose.
I recommend Cisco Access Control Security: AAA Administration Services for beginning to intermediate Engineers that wish to learn more about the concepts, deployment and maintenance of Cisco Secure ACS.
 Focused on Cisco Access Control Server productSep 15, 2009
By Tedd
"Ed"
A features and configuration guide for Cisco ACS. In the initial chapters the book goes through AAA but more as a needed introduction to ACS than as a complete subject. In my opinion it would be great to have more information about AAA services like privilege command for local router database, sample of complex router and ASA optimazed configs, etc. I gave a 3 star because I found the book helpful for an ACS implementation+configuration, which is mainly what it covers. So just changing the title to something like "Implementing Cisco AAA through Cisco ACS" would make it a clearer choice for the ones interested in its contents.
Ok for the key concepts, but not a 'bible' by any means.Jul 24, 2005
By Heather M. King
As a senior level student implementing my final security design project using ACS, I purchased this book expecting it to be an indespensible resource. Honestly, I don't use it very much as the book really just skims all the main topics. It's good if you want to get a general idea of what ACS is capable of, but for daily use the ACS help files are alot better. ps. Why is there no mention of the fact that ACS allows you to use wildcards for Shared-Profile Components in this book?
A great read and reference for anyone implementing CS ACS.Oct 31, 2004
By DClark
"Danny M. Clark II"
Cisco Access Control Security will walk the reader through designing, installing and administering Cisco Secure ACS. I believe by reading this book the reader will help ensure a better design and implementation of their ACS solution. If you are just beginning to learn the Cisco ACS or if you have been working with it for years you will be able to take away valuable information from reading this book.
Networks today require more and more attention to security. With the implementations of dial-up, Virtual Private Networks (VPN), Wireless and other methods for access network resources it becomes more difficult to protect the network. A large part of securing the network resides in Authentication, Authorization and Accounting (AAA) and their associated protocols (RADIUS and TACACS) to name a few.
The author, Brandon Carroll, has done a fantastic job of organizing and presenting information that I feel will be valuable for both beginners and advanced network staff. If you require an understanding to how Remote Authentication Dial-In User Service (RADIUS) and Terminal Access Controller Access Control Systems (TACACS) can be used in your AAA design, this book provides a detailed look at these protocols and their capabilities. It then goes into great detail providing a step-by-step guide to installing and configuring the Cisco Secure Access Control Server for Windows. Screenshots are provided to help you visualize the java-based web interface.
Brandon then provides some guidelines for deploying ACS for Dialup, Virtual Private Networks (VPN), Wireless and other deployments in both small and enterprise environments. One area that was specifically important to me was distributed deployment for large enterprises. Reading this chapter made me realize several issues within the environment that I currently work; which we will now be able to address to prevent a catastrophic outage.
One of the great aspects of this book is that it makes a useful reference tool. In each chapter there are a number of web links which are related to the topic covered. These include links to standards boards covering the various protocols, specific hardware and IOS version configuration guides and links to Cisco's CCO for additional ACS documentation. The author uses screen shots of the ACS menus and configuration examples. This is extremely useful and allows for familiarity when actually sitting down to perform the first software install or configuration. The extensive screenshots and detailed RADIUS and TACACS Attribute-Value tables makes this a very quick read, even at over 400 pages.
For someone currently running Cisco's ACS software and are looking to upgrade to a newer version, this book will provide you with information covering the specific versions of ACS from version 2.0 to 3.2.
Recently Cisco has come to market with an appliance that provides a dedicated platform for the Cisco ACS software. The author focuses heavily on the ACS software and does not provide a lot detail on the Cisco ACS Solution Engine. There are enough differences between the two that I believe Brandon could have had a dedicated chapter on this. If you are searching for detailed information on the Solution Engine you will need to search Cisco's CCO.
Although the Solution Engine is not well covered; and as someone who primarily uses the Cisco ACS Solution Engine; I still highly recommend this book to anyone who is planning to or already has implemented the Cisco Secure ACS. This book has been valuable addition and a great resource.
 Never browsed the basic functions of CSACS? - good buy.Oct 30, 2004
By Cisco Kid
This book is what I regrettably expected. It is a good base for anyone who has not browsed Cisco's Access Control Security but I don't recommend it for an in-depth reference or study guide. Whenever there is something I read that I had hoped would offer more detail, I am referred to an out-of-date Cisco link and I am forced to browse Cisco's web site, which seems scattered on the subject - I'll save that one for another time. For instance, I am looking into AV (Attribute Value Pairs) and I want to set up dynamic access-list connections and other functions other than the dynamic list and 'access-enable host timeout' features in the 'Group Setup' and it gives a hint or two that what I have in mind is possible through AV Pairs, but that is it. It doesn't show how to set them up, so I have been spending the usual hours getting piece by piece information on Cisco's site. So I spend the usual time - hours on Cisco's site instead of using the book as a valuable reference tool. There are lots of examples like this, however. The book has given me some knowledge and value but only to frustrate me because there is not much technical detail that I haven't already seen on Cisco's web site, which is why I bought the book in the first place. Good book for getting to know CSACS but if you want to be a real technician, I have no other referrals for you because this book won't give them, so good luck with browsing Cisco.com.
See all 6 customer reviews on Amazon.com
| | |
* Estimated shipping rate for US 48 states. Final rate calculated at checkout. |
