|
Table Of Contents
Supported and Interoperable
Devices and Software Tables for Cisco Secure ACS Appliance
version 3.2
Supported and Interoperable
Devices and Software Tables for Cisco Secure ACS Appliance
version 3.2
Revised: March 18, 2004
Because the number of devices that Cisco Secure ACS Appliance version 3.2 interoperates with runs into the hundreds, this device list differs significantly from those of other Cisco products with which you may be familiar. This document lists supported devices and software, that is, those that we have tested against. However, this document also lists devices and software programs that are, to the best of our knowledge, interoperable. Of the hundreds of devices and software programs that Cisco Secure ACS Appliance version 3.2 interoperates with, Cisco officially supports only those that have been tested.
For details regarding other limitations and known problems see Release Notes for CiscoSecure Access Control Server Appliance Version 3.2. On Cisco.com, you can find the latest version all documentation by selecting Products & Services > Security and VPN Software > Cisco Secure Access Control Server Appliance > Technical Documentation.
With regard to third-party RADIUS and TACACS+ clients, Cisco Secure ACS Appliance fully interoperates with devices that adhere to the governing protocols. Also, support for RADIUS and TACACS+ functions depends on device-specific implementation. On a given device, TACACS+ may not be available for user authentication and authorization. Likewise, RADIUS may not be available for administrative authentication and authorization.
For RADIUS these include the following RFCs:
• RFC 2138 - Remote Authentication Dial In User Service (RADIUS)
• RFC 2139 - RADIUS Accounting
• RFC 2865 - Remote Authentication Dial In User Service (RADIUS)
• RFC 2866 - RADIUS Accounting
• RFC 2867 - RADIUS Accounting for Tunnel Protocol Support
• RFC 2868 - RADIUS Attributes for Tunnel Protocol Support
• RFC 2869 - RADIUS Extensions
For details regarding the implementation of vendor-specific attributes (VSAs), see User Guide for Cisco Secure ACS Appliance Version 3.2.
Cisco Secure ACS Appliance conforms to the TACACS+ protocol as defined by Cisco Systems in draft 1.77.
The following tables show the devices and software that Cisco Secure ACS Appliance supports or with which it interoperates:
• Table 2, Device Operating Systems
• Table 4, Access Devices/Universal Gateways
• Table 6, Content Networking Devices
• Table 7, Security and VPN Devices
• Table 8, Storage Networking Devices
• Table 10, Cisco Aironet Software (Access Points for Wireless LAN)
• Table 12, PKI/Certificate Servers
You can find information about new device support at Cisco.com, http://www.cisco.com.
To ensure full capabilities, the clients you deploy to interoperate with Cisco Secure ACS Appliance should use the most recent operating systems available. Nonetheless, Table 2 provides details on the minimum acceptable client operating system versions.
Table 1 Web Browsers1
Program Versions NotesMicrosoft Internet Explorer
Version 6.0 with Service Pack 1 for Microsoft Windows—English Language version
Tested
Netscape Communicator
Version 7.0 for Microsoft Windows - English Language version
Version 7.0 for Solaris 2.7- English Language version
Tested
Tested
1 To use a web browser to access the Cisco Secure ACS HTML interface, you must enable both Java and JavaScript in the browser. Also, you must disable HTTP proxy in the browser.
Table 5 Cable Devices
Devices NotesuBR7100
Tested with IOS 12.2BC
RADIUS and TACACS+ interoperability
uBR7200
EOL status
TACACS+ interoperability
Table 8 Storage Networking Devices
Series Devices Supported NotesMDS 9000
MDS 9216, MDS9509
RADIUS interoperability
(TACACS+ support in future release)
Table 10 Cisco Aironet Software (Access Points for Wireless LAN)
Series Notes350
RADIUS interoperability
AP1100
RADIUS interoperability
AP1200
Tested with Aironet 11.23
RADIUS interoperability
Table 12 PKI/Certificate Servers
Platform Versions NotesMicrosoft CA Certificate Server
Windows 2000
Windows 2000 with SP3
Tested
Entrust PKI
Version 6.0
—
Verisign Onsite
Version 5.0
—
Table 13 Token Servers1
Platform Versions Client Requirement NotesActivCard Server
Version 3.1
—
—
CRYPTOCard CRYPTOAdmin
Version 5.16
—
—
PassGo Defender
Version 4.1.3
—
—
RSA ACE/Server
Version 5.1
—
Tested
Safeword Premier Access
Version 31.
—
—
Vasco Vacman Server
Version 6.0.2
—
—
1 Cisco Secure ACS Appliance uses a RADIUS interface to support all token servers.
Table 15 User Databases1
Platform Version RequirementAD on Windows 2003
—
—
AD on Windows 2000
—
—
SAM on Windows 2000
—
Tested with Service Pack 3
SAM on Windows NT 4.0
—
—
LDAP
Generic
—
Novell NetWare Directory Services (NDS)
Version 6.0
Tested with eDirectory v.8.6 and Novell Client 4.83 SP2 for Windows NT 4.0, Windows 2000, and Windows XP
LEAP Proxy RADIUS servers
—
—
Table 16 Proxy Support
Platform Versions NotesCisco Secure ACS
2.4 or later
—
Funk Steel Belted Radius
Enterprise Edition
—
Posted: Thu Mar 18 07:23:03 PST 2004
All contents are Copyright © 1992--2004 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.