Supported and Interoperable Devices and Softwares for the Cisco Secure Access Control System 5.2

Similar documents
Supported and Interoperable Devices and Software for Cisco Secure Access Control System 5.4

Documentation Roadmap for Cisco Prime LAN Management Solution 4.2

Preface. Audience. Cisco IOS Software Documentation. Organization

Open Source Used In TSP

About This Guide. and with the Cisco Nexus 1010 Virtual Services Appliance: N1K-C1010

PageScope Box Operator Ver. 3.2 User s Guide

TWAIN driver User s Guide

DAP Controller FCO

MagicInfo Express Content Creator

TheGreenBow VPN Client ios User Guide

DAP Controller FCO

SkyPilot OS Installation: Fedora Core 5

This section describes new Polycom QDX 6000 hardware.

Crypto Application. version 1.2

Introduction. The Win32 OpenSSL Installation Group hopes that you enjoy this software and get many years of use out of it!

Novell Audit 2.0 Administration Guide. novdocx (ENU) 10 August Novell Audit ADMINISTRATION GUIDE.

RTI Secure WAN Transport

Release Notes. Polycom QDX 6000 Introduction. Polycom QDX 6000, Version 3.0

Conettix Universal Dual Path Communicator B465

Navigation Guide for Cisco Prime LAN Management Solution 4.1

Navigation Guide for Cisco Prime LAN Management Solution 4.2

Open Source Used In Cisco Configuration Professional for Catalyst 1.0

im2020, im2520, im2520f, im Printer Management Utility

Copyright PFU LIMITED

Cisco MDS SAN-OS Release Compatibility Matrix for Storage Service Interface Images

SkyPilot EMS Installation

JP1/Automatic Job Management System 3 - Definition Assistant Description, Operator's Guide and Reference

Fiery S450 65C-KM. Network Scanner

Crypto Application. version 1.5

Fujitsu ScandAll PRO V2.1.5 README

Getting Started with Automatic Provisioning

SMASH SCROOGE SHAKER New Features

Installation Guide for Cisco Secure ACS for Windows 4.2

Sonic ESB Configuration and Management Guide

SkyPilot Web Interface Reference

Fiery PRO 80 /S450 65C-KM

Cisco MDS NX-OS Release Compatibility Matrix for Storage Service Interface Images

Release Notes for Cisco Digital Media System 4.0

Partner Pre-Install Checklist: Common Service Platform Collector (CSP-C) for Smart Portal 0.5

JD Edwards World User Reserved Information. Version A9.2

TCP-Relay. TCP-Relay

Release Notes for Broadband Access Center for Cable 2.7

Introducing Tivoli Kernel Services Administration

Management Software Web Browser User s Guide

Release 3.7 January 2018 User Guide

Intel Stress Bitstreams and Encoder (Intel SBE) 2017 AVS2 Release Notes (Version 2.3)

Release Notes for Cisco Video Surveillance High Definition IP Cameras, Release 1.4.1

Sophos Endpoint Security and Control standalone startup guide

Avaya VPN Client Software Release 10.05_100

Simba Cassandra ODBC Driver with SQL Connector

Phaser color laser printer. Reference Guide.

FAQs for the Cisco Aironet Conversion Tool Version 2.1 for Cisco IOS Software

Enhanced Support Facility User's Guide For REMCS

IETF TRUST. Legal Provisions Relating to IETF Documents. February 12, Effective Date: February 15, 2009

IETF TRUST. Legal Provisions Relating to IETF Documents. Approved November 6, Effective Date: November 10, 2008

Release Notes for Cisco Aironet a/b/g Client Adapters (CB21AG and PI21AG) for Windows Vista 1.1

Copyright PFU LIMITED 2016

Getting Started with Cisco Prime LAN Management Solution 4.1

Use in High-Safety Applications

Encrypted Vendor-Specific Attributes

License, Rules, and Application Form

Configuration Guide for Cisco Secure ACS 4.2

Ecma International Policy on Submission, Inclusion and Licensing of Software

Installing the Shrew Soft VPN Client

Sophos Enterprise Console quick startup guide: with encryption and NAC. Product version: 5.1 Document date: June 2012

Open Source Used In c1101 and c1109 Cisco IOS XE Fuji

JP1/Data Highway - Server System Administrator Guide

LoadMaster VMware Horizon (with View) 6. Deployment Guide

Splunk. Splunk. Deployment Guide

Installation and Configuration Guide for Visual Voic Release 8.5

JD Edwards World EDI Error Notification. Version A9.2

3PAR InForm OS CLI Administrator s Manual. 3PAR, Inc Technology Drive Fremont, CA USA

cm4520 For Océ and Imagistics Models

RADIUS Packet of Disconnect

ANZ TRANSACTIVE MOBILE for ipad

Cisco UCS Virtual Interface Card Drivers for Windows Installation Guide

JD Edwards World Quick Installation Guide. Version A9.2 Update 1

ColdFusion Builder 3.2 Third Party Software Notices and/or Additional Terms and Conditions

HALCoGen TMS570LS31x Help: example_sci_uart_9600.c

Ecma International Policy on Submission, Inclusion and Licensing of Software

Juniper Networks Steel-Belted Radius Carrier

JP1/File Transmission Server/FTP Description, Reference and Operator's Guide

Release Notes for Cisco Virtualization Experience Client 2111/2211 PCoIP Firmware Release 4.0.2

User s Guide [Fax Driver Operations]

Adobe Connect. Adobe Connect. Deployment Guide

RSA Two Factor Authentication

MSDE Copyright (c) 2001, Microsoft Corporation. All rights reserved.

iwrite technical manual iwrite authors and contributors Revision: 0.00 (Draft/WIP)

US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

VMware vcenter Log Insight Manager. Deployment Guide

AccuTerm 7 Internet Edition Connection Designer Help. Copyright Schellenbach & Assoc., Inc.

Cisco Nexus 9000 Series NX-OS Virtual Machine Tracker Configuration Guide, Release 9.x

Release Notes for Cisco Spectrum Expert, Release

QuarkXPress Server Manager 8.0 ReadMe

Static analysis for quality mobile applications

JD Edwards EnterpriseOne Date Utility

Installation Guide for Cisco Unified Provisioning Manager

Migration Tool. Migration Tool (Beta) Technical Note

User s Guide [Network Scanner Operations]

Release Notes for Cisco Network Registrar 7.2.3

Transcription:

Supported and Interoperable Devices and Softwares for the Cisco Secure Access Control System 5.2 Revised: March 11, 2013 The Cisco Secure Access Control System Release 5.2, hereafter referred to as ACS, works with hundreds of devices. You can use this document to find devices and software that ACS 5.2 supports. For details regarding limitations and known problems, see the Release Notes for the Cisco Secure Access Control System 5.2. This document contains: Supported Devices, page 2 Supported User Repositories, page 3 Supported 802.1X Clients, page 4 Supported Web Client/Browser Platforms, page 5 Supported Authentication Protocols, page 5 SNMP Support, page 5 Syslog Support, page 6 ACS View 5.2 Database Support, page 6 Supported VMWare Versions, page 6 Documentation Updates, page 7 Related Documentation, page 7 Notices, page 8 Obtaining Documentation and Submitting a Service Request, page 10 Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA

Supported Devices Supported Devices ACS 5.2 supports all devices that implement the Authentication, Authorization, and Accounting (AAA) mechanism similar to Cisco IOS 12.x. RADIUS and TACACS+ ACS fully interoperates with third-party RADIUS and TACACS+ client devices that adhere to the governing protocols. Support for RADIUS and TACACS+ functions depends on the device-specific implementation. For example, on a specific device: TACACS+ might not be available for user authentication and authorization RADIUS might not be available for administrative authentication and authorization For TACACS+ devices, ACS conforms to the TACACS+ protocol as Cisco Systems defined in draft 1.78, which is available at http://www.cisco.com For RADIUS, ACS conforms to the following Request For Comments (RFC): RFC 2138 Remote Authentication Dial In User Service (RADIUS) RFC 2139 RADIUS Accounting RFC 2865 Remote Authentication Dial In User Service (RADIUS) RFC 2866 RADIUS Accounting RFC 2867 RADIUS Accounting for Tunnel Protocol Support RFC 2868 RADIUS Attributes for Tunnel Protocol Support RFC 2869 RADIUS Extensions Note For details regarding the implementation of vendor-specific attributes (VSAs), see the User Guide for the Cisco Secure Access Control System 5.2. Table 1 lists some of the Tested Network Elements that ACS 5.2 supports. Table 1 Tested Network Elements Network Elements Operating System with Version Cisco 2610 IOS 12.3.17b Cisco 3640 IOS 12.3.17b Cisco 7200 IOS 12.3.17b Cisco 3750 IOS 12.2(25r) Catalyst WS-3560-24TS Switch IOS 12.2(25)-SEC2 Cisco 515E PIX PIX OS 6.3.5 Cisco AP 1200 IOS 12.3(7)JA1 Nexus 7000 4.2(1) Catalyst 6000 12.2 (SIERRA_INTEG_080914) IP Phone Cisco IP Phone 7970 2

Supported User Repositories Table 1 Tested Network Elements (continued) Network Elements Operating System with Version VPN Concentrator 3000 VPN 3000 4.7.2.I ASA-5510 8.0(4) Cisco Wireless Controller- WLC 4400 Load Balancer CSS11503-AC L0 08.10.1.06 Cisco VPN Client 5.0.04.3 Cisco Anyconnect VPN Client 2.3 Inherit Microsoft VPN Client Microsoft XP CoA Support ACS supports Change of Authorization (CoA) on the Cisco IOS version 12.2(52)SE. Table 2 lists the devices and images that support CoA: Table 2 Devices and Images that Support CoA Devices Cisco 2960 Cisco 2975 Cisco 3560/3560 version 2 Cisco 3750/3750 version 2 Cisco 3560E Cisco 3750E IE 3000 CBS31xx CBS30xx Image LANbase LANbase Supported User Repositories ACS 5.2 supports the following external user repositories: Windows Active Directory, page 4 Lightweight Directory Access Protocol Server, page 4 RSA Secure ID Server, page 4 Radius Token OTP Server, page 4 3

Supported 802.1X Clients Windows Active Directory ACS 5.2 supports all editions of: Windows AD 2003 Windows AD 2003 R2 Windows AD 2008 Windows AD 2008 R2 Lightweight Directory Access Protocol Server ACS 5.2 supports Lightweight Directory Access Protocol (LDAP) Servers. The supported LDAP servers include but are not limited to: SunONE LDAP Directory Server - Version 5.2 Linux LDAP Directory Server - Version 4.1 Open LDAP Directory Server RSA Secure ID Server ACS 5.2 supports: RSA ACE/Server 6.x Series RSA Authentication Manager 7.x Series Radius Token OTP Server ACS 5.2 supports: Any RADIUS RFC 2865-compliant token server SafeWord Server Supported 802.1X Clients ACS 5.2 supports all 802.1X clients. These include but are not limited to: Microsoft Built-In Windows XP 802.1X Client Microsoft Built-In Windows Vista 802.1X Client Microsoft Built-In Windows 7 802.1X Client CSSC version 4.x CSSC version 5.x Juniper Odyssey 4.x Intel Wireless WiFi Link with AMT support CSSC SDK for Vista 4

Supported Web Client/Browser Platforms Supported Web Client/Browser Platforms ACS 5.2 supports the following Web Client/Browser Platforms: Windows XP Professional (Service Pack 2 and 3) and Windows Vista. Internet Explorer version 6.x Internet Explorer version 7.x Internet Explorer version 8.x Mozilla Firefox version 3.x The above mentioned browsers are supported only with one of the following cipher suits: TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA RSA_WITH_3DES_EDE_CBC_SHA Note You should install Windows XP SP3 to use SHA2 256-bit certificates as management certificates. MAC OS 10.5 Mozilla Firefox version 3.x Linux RedHat (latest version) Mozilla FireFox version 3.x Supported Authentication Protocols ACS 5.2 supports the following protocols: PAP/ASCII EAP-MD5 EAP-TLS PEAP (with inner EAP-MSCHAPv2/EAP-GTC) EAP-FAST (with inner EAP-MSCHAPv2/EAP-GTC) LEAP CHAP MSCHAP (v1) MSCHAP (v2) SNMP Support ACS 5.2 supports Simple Network Management Protocol (SNMP) to provide logging services. The SNMP agent provides read-only SNMP v1 and SNMP v2c support. The supported MIBs include: SNMPv2-MIB 5

Syslog Support RFC1213-MIB (MIB II) IF-MIB IP-MIB TCP-MIB UDP-MIB CISCO-CDP-MIB ENTITY-MIB The SNMP agent is configurable on the Collection Filters page in the Monitoring & Report Viewer. Syslog Support ACS 5.2 conforms to syslog standard (RFC 3164 and RFC 5424) and supports any generic syslog server. ACS View 5.2 Database Support In ACS View 5.2, the following can be used as the remote database: Microsoft SQL server Oracle SQL Supported VMWare Versions ACS 5.2 can be installed on the following VMWare versions: VMWare 2.0 (for evaluation version of ACS 5.2 only) VMWare ESX 3.5 VMWare ESX 4.0 Note Disk space of 500 GB for production installation and 60 GB for evaluation is required. For information on the VMWare machine requirements and installation procedures, refer to Installing ACS in a VMware Virtual Machine chapter in the Installation and Upgrade Guide for the Cisco Secure Access Control System 5.2. 6

Documentation Updates Documentation Updates Table 3 Updates to the Supported and Interoperable Devices and Softwares for the Cisco Secure Access Control System 5.2 Date Description 12/31/2010 Removed HOST-RESOURCES MIB from the list of supported MIBs, according to the CSCtl21755. 08/13/2010 Cisco Secure Access Control System, Release 5.2. Related Documentation Note We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on http://cisco.com for any updates. Table 4 lists the product documentation that is available for ACS 5.2. To find end-user documentation for all the products on Cisco.com, go to: http://www.cisco.com/go/techdocs Select Network Management > Security and Identity Management > Cisco Secure Access Control Server Products > Cisco Secure Access Control System. Table 4 Product Documentation Document Title License and Documentation Guide for the Cisco Secure Access Control System 5.2 Release Notes for the Cisco Secure Access Control System 5.2 User Guide for the Cisco Secure Access Control System 5.2 Installation and Upgrade Guide for the Cisco Secure Access Control System 5.2 CLI Reference Guide for the Cisco Secure Access Control System 5.2 Migration Guide for the Cisco Secure Access Control System 5.2 Software Developer s Guide for the Cisco Secure Access Control System 5.1 Note The ACS 5.1 Software Developer s Guide is applicable for ACS 5.2 as well. Regulatory Compliance and Safety Information for the Cisco 1121 Secure Access Control System 5.1 Available Formats products_documentation_roadmaps_list.html prod_release_notes_list.html products_user_guide_list.html prod_installation_guides_list.html prod_command_reference_list.html prod_installation_guides_list.html products_programming_reference_guides_list.html prod_installation_guides_list.html 7

Notices Notices The following notices pertain to this software license. OpenSSL/Open SSL Project This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). License Issues The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org. OpenSSL License: Copyright 1998-2007 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). 4. The names OpenSSL Toolkit and OpenSSL Project must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org. 5. Products derived from this software may not be called OpenSSL nor may OpenSSL appear in their names without prior written permission of the OpenSSL Project. 6. Redistributions of any form whatsoever must retain the following acknowledgment: This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS ' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 8

Notices LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). Original SSLeay License: Copyright 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved. This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). The implementation was written so as to conform with Netscapes SSL. This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com). Copyright remains Eric Young s, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). The word cryptographic can be left out if the routines from the library being used are not cryptography-related. 4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: This product includes software written by Tim Hudson (tjh@cryptsoft.com). THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The license and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public License]. 9

Obtaining Documentation and Submitting a Service Request Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/us/docs/general/whatsnew/whatsnew.html Subscribe to the What s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Supported and Interoperable Devices and Software Tables for the Cisco Secure Access Control System 5.2 Copyright 2010 Cisco Systems, Inc. All rights reserved. 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback