Table of Contents
Advertisement
Supporting Cisco Secure ACS Server
This chapter explains how to prepare the Cisco Secure ACS server or the Cisco Secure ACS Solution
Engine to allow MARS to collect the event logs. It also describes how to configure MARS to receive and
process these logs correctly. Using the web interface, you must define a host to represent the
Cisco Secure ACS server (or the remote logging agent collecting logs for the Cisco Secure ACS Solution
Engine) and then add the software application to that host.
Supporting Cisco Secure ACS Server
To configure a Cisco Secure ACS server to act as a reporting device, you must perform three tasks:
1.
2.
3.
You can also configure Cisco Secure ACS to provide command authorization for the MARS Appliance.
In this role, Cisco Secure ACS verifies that the MARS Appliance is authorized to execute specific
commands on reporting devices and mitigation devices.
The following sections detail supporting a Cisco Secure ACS server:
•
•
•
Supporting Cisco Secure ACS Solution Engine
MARS supports the Cisco Secure ACS Solution Engine via a remote logging host. Cisco Secure ACS
Remote Agent for Windows is a Windows-based application that supports Cisco Secure ACS Solution
Engine for remote logging.
Even though the Cisco Secure ACS Solution Engine supports up to five appliance via a remote logging
host, MARS currently supports only one Cisco Secure ACS Solution Engines per remote logging host.
Otherwise, MARS cannot identify the IP address of the originating Cisco Secure ACS Solution Engine.
To enable this support, follow these steps:
1.
2.
3.
User Guide for Cisco Security MARS Local Controller
14-2
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a00
802335ea.html
Configure Cisco Secure ACS server to generate the correct log files and details and define the AAA
clients.
Install the PN Log Agent on the Cisco Secure ACS server and configure it to forward the correct log
files.
Add the Cisco Secure ACS server to the MARS web interface
Bootstrap Cisco Secure ACS, page 14-3
Install and Configure the PN Log Agent, page 14-7
Add and Configure the Cisco ACS Device in MARS, page 14-12
Configure the Cisco Secure ACS Solution Engine to publish logs to the remote logging host. See
Bootstrap Cisco Secure ACS, page
Install and configure the Cisco Secure ACS Remote Agent for Windows on the target remote
logging host. This host must be running a supported version of Microsoft Windows.
For instructions on installing and configuring the remote agent, see
Guide for Cisco Secure ACS Remote
Install the pnLog Agent on the remote logging host.
For information on installing and configuring the pnLog Agent, see
Log Agent, page
14-7.
14-3.
Agents.
Chapter 14
Configuring AAA Devices
Installation and Configuration
Install and Configure the PN
78-17020-01
Advertisement
Table of Contents
Troubleshooting
