Home > Cisco > Control System > Cisco Acs 57 User Guide

Cisco Acs 57 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 57 User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 451

    Page 451 1 Cisco Systems, Inc.www.cisco.com Configuring System Operations You can configure and deploy ACS instances so that one ACS instance becomes the primary instance and the other ACS instances can be registered to the primary as secondary instances. An ACS instance represents ACS software that runs on a network. An ACS deployment may consist of a single instance, or multiple instances deployed in a distributed manner, where all instances in a system are managed centrally. All instances in a system... 
    1
Cisco Systems, Inc.www.cisco.com
 
Configuring System Operations
You can configure and deploy ACS instances so that one ACS instance becomes the primary instance and the other ACS 
instances can be registered to the primary as secondary instances. An ACS instance represents ACS software that runs 
on a network. 
An ACS deployment may consist of a single instance, or multiple instances deployed in a distributed manner, where all 
instances in a system are managed centrally. All instances in a system...

    Page 452

    Page 452 2 Configuring System Operations Understanding Distributed Deployment Trust Communication in a Distributed Deployment, page 29 Understanding Distributed Deployment You can configure multiple ACS servers in a deployment. Within any deployment, you designate one server as the primary server and all the other servers are secondary servers. In general, you make configuration changes on the primary server only, and the changes are propagated to all secondary servers, which can then view the configuration... 
    2
Configuring System Operations
 
Understanding Distributed Deployment
Trust Communication in a Distributed Deployment, page 29
Understanding Distributed Deployment
You can configure multiple ACS servers in a deployment. Within any deployment, you designate one server as the primary 
server and all the other servers are secondary servers.
In general, you make configuration changes on the primary server only, and the changes are propagated to all secondary 
servers, which can then view the configuration...

    Page 453

    Page 453 3 Configuring System Operations Understanding Distributed Deployment ACS 5.7 supports one primary and twenty one secondary ACS instances in a large ACS deployment. You can make one secondary instance as a dedicated hot standby secondary instance which can be promoted as a primary instance when the actual primary instance goes down. The medium ACS deployment consists of one primary and thirteen secondary ACS instances. Similarly, you can make one secondary instance as a dedicated hot standby... 
    3   
Configuring System Operations
Understanding Distributed Deployment
ACS 5.7 supports one primary and twenty one secondary ACS instances in a large ACS deployment. You can make one 
secondary instance as a dedicated hot standby secondary instance which can be promoted as a primary instance when 
the actual primary instance goes down. The medium ACS deployment consists of one primary and thirteen secondary 
ACS instances. Similarly, you can make one secondary instance as a dedicated hot standby...

    Page 454

    Page 454 4 Configuring System Operations Understanding Distributed Deployment Related Topics Activating Secondary Servers, page 3 Understanding Distributed Deployment, page 2 Promoting a Secondary Server There can be one server only that is functioning as the primary server. However, you can promote a secondary server so that is assumes the primary role for all servers in the deployment. The promotion operation is performed either on the secondary server that is to assume the primary role or on the primary... 
    4
Configuring System Operations
 
Understanding Distributed Deployment
Related Topics
Activating Secondary Servers, page 3
Understanding Distributed Deployment, page 2
Promoting a Secondary Server
There can be one server only that is functioning as the primary server. However, you can promote a secondary server so 
that is assumes the primary role for all servers in the deployment. The promotion operation is performed either on the 
secondary server that is to assume the primary role or on the primary...

    Page 455

    Page 455 5 Configuring System Operations Scheduled Backups If configuration changes are not being replicated as expected, the administrator can request a full replication to the server. When you request full replication, the full set of configuration data is transferred to the secondary server to ensure the configuration data on the secondary server is re synchronized. Note: Replication on the Message Bus happens over TCP port 61616. Full replication happens over the Sybase DB TCP port 2638. Warning: ACS... 
    5   
Configuring System Operations
Scheduled Backups
If configuration changes are not being replicated as expected, the administrator can request a full replication to the 
server. When you request full replication, the full set of configuration data is transferred to the secondary server to ensure 
the configuration data on the secondary server is re synchronized.
Note: Replication on the Message Bus happens over TCP port 61616. Full replication happens over the Sybase DB TCP 
port 2638.
Warning: ACS...

    Page 456

    Page 456 6 Configuring System Operations Scheduled Backups Refer to the Installation and Setup Guide for Cisco Secure Access Control System 5.7 for more information on upgrading ACS to later versions. ACS Backup Encryption ACS backup is encrypted using a dynamic encryption password. The user is prompted for an encryption password while performing a backup operation. ACS encrypts only the ACS data using a dynamic encryption key. The CARS and ACS view data are encrypted using a static key. Therefore ACS... 
    6
Configuring System Operations
 
Scheduled Backups
Refer to the Installation and Setup Guide for Cisco Secure Access Control System 5.7 for more information on upgrading 
ACS to later versions.
ACS Backup Encryption
ACS backup is encrypted using a dynamic encryption password. The user is prompted for an encryption password while 
performing a backup operation. ACS encrypts only the ACS data using a dynamic encryption key. The CARS and ACS 
view data are encrypted using a static key. Therefore ACS...

    Page 457

    Page 457 7 Configuring System Operations Backing Up Primary and Secondary Instances 2.Click Submit to schedule the backup. Related Topic Backing Up Primary and Secondary Instances, page 7 Backing Up Primary and Secondary Instances ACS allows you to encrypt the backup with a password. The backup file encryption is available only for ACS configuration backup. The password-based encryption is not applicable if you choose to obtain only the ADE-OS configuration data backup from secondary ACS instances. ACS... 
    7   
Configuring System Operations
Backing Up Primary and Secondary Instances
2.Click Submit to schedule the backup.
Related Topic
Backing Up Primary and Secondary Instances, page 7
Backing Up Primary and Secondary Instances
ACS allows you to encrypt the backup with a password. The backup file encryption is available only for ACS configuration 
backup. The password-based encryption is not applicable if you choose to obtain only the ADE-OS configuration data 
backup from secondary ACS instances.
ACS...

    Page 458

    Page 458 8 Configuring System Operations Backing Up Primary and Secondary Instances To run an immediate backup from Distributed System Management page: 1.Choose System Administration > Operations > Distributed System Management. The Distributed System Management page appears. 2.From the Primary Instance table or the Secondary Instances table, select the instance that you want to back up. You can select only one primary instance, but many secondary instances for a backup. 3.Click Backup. The Distributed System... 
    8
Configuring System Operations
 
Backing Up Primary and Secondary Instances
To run an immediate backup from Distributed System Management page:
1.Choose System Administration > Operations > Distributed System Management.
The Distributed System Management page appears.
2.From the Primary Instance table or the Secondary Instances table, select the instance that you want to back up.
You can select only one primary instance, but many secondary instances for a backup.
3.Click Backup.
The Distributed System...

    Page 459

    Page 459 9 Configuring System Operations Synchronizing Primary and Secondary Instances After Backup and Restore Synchronizing Primary and Secondary Instances After Backup and Restore When you specify that a system backup is restored on a primary instance, the secondary instance is not updated to the newly restored database that is present on the primary instance. To make sure the secondary instance is updated, from the secondary instance, you need to request a hardware replacement to rejoin the restored... 
    9   
Configuring System Operations
Synchronizing Primary and Secondary Instances After Backup and Restore
Synchronizing Primary and Secondary Instances After Backup and Restore
When you specify that a system backup is restored on a primary instance, the secondary instance is not updated to the 
newly restored database that is present on the primary instance. 
To make sure the secondary instance is updated, from the secondary instance, you need to request a hardware 
replacement to rejoin the restored...

    Page 460

    Page 460 10 Configuring System Operations Editing Instances Table 4 Distributed System Management Page Option Description Primary Instance Name Hostname of the primary instance. IP Address IP address of the primary instance. Online Status Indicates if the primary instance is online or offline. A check mark indicates that the primary instance is online; x indicates that the primary instance is offline. Replication ID The transaction ID that identifies the last configuration change on the primary instance.... 
    10
Configuring System Operations
 
Editing Instances
Table 4 Distributed System Management Page
Option Description
Primary Instance
Name  Hostname of the primary instance.
IP Address  IP address of the primary instance.
Online  Status Indicates if the primary instance is online or offline. A check mark indicates that the primary instance 
is online; x indicates that the primary instance is offline.
Replication ID  The transaction ID that identifies the last configuration change on the primary instance....
    Start reading Cisco Acs 57 User Guide

    Related Manuals for Cisco Acs 57 User Guide

    All Cisco manuals