AAA Identity Management Security

Cisco's complete, authoritative guide to Authentication, Authorization, and Accounting (AAA) solutions with CiscoSecure ACS

• AAA solutions are very frequently used by customers to provide secure access to devices and networks
• AAA solutions are difficult and confusing to implement even though they are almost mandatory
• Helps IT Pros choose the best identity management protocols and designs for their environments
• Covers AAA on Cisco routers, switches, access points, and firewalls

This is the first complete, authoritative, single-source guide to implementing, configuring, and managing Authentication, Authorization and Accounting (AAA) identity management with CiscoSecure Access Control Server (ACS) 4 and 5. Written by three of Cisco's most experienced CiscoSecure product support experts, it covers all AAA solutions (except NAC) on Cisco routers, switches, access points, firewalls, and concentrators. It also thoroughly addresses both ACS configuration and troubleshooting, including the use of external databases supported by ACS. Each of this book's six sections focuses on specific Cisco devices and their AAA configuration with ACS. Each chapter covers configuration syntax and examples, debug outputs with explanations, and ACS screenshots. Drawing on the authors' experience with several thousand support cases in organizations of all kinds, AAA Identity Management Security presents pitfalls, warnings, and tips throughout. Each major topic concludes with a practical, hands-on lab scenario corresponding to a real-life solution that has been widely implemented by Cisco customers. This book brings together crucial information that was previously scattered across multiple sources. It will be indispensable to every professional running CiscoSecure ACS 4 or 5, as well as all candidates for CCSP and CCIE (Security or R and S) certification.

About the Authors

Vivek Santuka, CCIE No. 17621, joined Cisco TAC - Global Partner Delivery Management five years ago as a Customer Support Engineer in the AAA team. He then moved to a Technical Lead role and led a team of 15 engineers in resolving complicated AAA cases. He is currently working in the IPS signature development team. He holds two CCIEs, one in Security and the other in Routing and Switching. In addition to that, he holds a RHCE certification.

Premdeep Banga, CCIE No. 21713, joined Cisco TAC - Global Partner Delivery Management five years ago as a Customer Support Engineer in the AAA team where he was instrumental in training and mentoring of many new engineers. Prem has extensive knowledge of AAA technology and experience in real-life customer deployments. He is currently working in the IPS signature development team. He holds a CCIE in Security. In addition to that, he holds a SSCP certification.

Brandon J Carroll, CCIE No. 23837, is a Senior Technical Instructor and has been training in Cisco Related Technologies for more than nine years. Brandon has consulted on large enterprise and service provider networks. Brandon is the author of other Cisco Press titles and has attended St. Leo University. He holds a CCIE in Security.