Setup guide
Chapter 1 Cisco Secure ACS Appliance Overview
System Description
1-2
Installation and Setup Guide for Cisco Secure ACS Appliance
78-14573-02
To ensure a highly secure posture, Cisco Secure ACS Appliance:
• Runs only the necessary services of the underlying hardened Windows
operating system. (See Appendix B, “Windows Service Advisement,” for
details on the hardening.)
• Does not support a keyboard or monitor.
• Does not provide access to its file system.
• Does not allow running arbitrary applications on it.
• Allows TCP/IP connections only via the ports necessary to its own
operations.
Figure 1-1 shows the Cisco Secure ACS Appliance operating context.
Figure 1-1 Cisco Secure ACS Appliance Context Diagram
The administrative console shown in the context diagram represents any data
terminal equipment (DTE) capable of supporting administrative connection via a
serial port connection and is generally referred to as a console in this guide.
78230
Network
Cisco Secure
ACS Appliance
External User
Database(s)
Serial Port
Connection
HTTPS
Radius or
TACAS+
Encrypted
TCP
Encrypted
TCP
FTP
Administrative
Console
Administrative
HTML Interface
AAA clients
Solaris Server with
Solaris Remote Service
Windows Server with
Windows Remote Service
FTP Server