Filter
Top Products
8-11
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 8 Establishing Cisco Secure ACS System Configuration
CiscoSecure Database Replication
• Replication to secondary Cisco Secure ACS servers takes place sequentially
in the order listed in the Replication list under Replication Partners on the
CiscoSecure Database Replication page.
• The secondary Cisco Secure ACS server receiving the replicated components
must be configured to accept database replication from the primary
Cisco Secure ACS server. To configure a secondary Cisco Secure ACS server
for database replication, see the “Configuring a Secondary Cisco Secure ACS
Server” section on page 8-17.
• Cisco Secure ACS does not support bidirectional database replication. The
secondary Cisco Secure ACS server receiving the replicated components
verifies that the primary Cisco Secure ACS server is not on its Replication
list. If not, the secondary Cisco Secure ACS server accepts the replicated
components. If so, it rejects the components.
• To replicate user-defined RADIUS vendor and vendor-specific attribute
(VSA) configurations successfully, user-defined RADIUS vendor and VSA
definitions to be replicated must be identical on the primary and secondary
Cisco Secure ACS servers, including the RADIUS vendor slots that the
user-defined RADIUS vendors occupy. For more information about
user-defined RADIUS vendors and VSAs, see the “User-Defined RADIUS
Vendors and VSA Sets” section on page E-27.
Database Replication Versus Database Backup
Do not confuse database replication with system backup. Database replication is
not a replacement for System Backup. While both features provide protection
from partial or complete server loss, each feature addresses the issue in a different
way.
System Backup archives data into a format that you can later use to restore the
configuration if the system fails or the data becomes corrupted. The backup data
is stored on the local hard drive and can be copied and removed from the system
for long-term storage. You can store several generations of database backup files.
CiscoSecure Database Replication offers the convenience of copying various
components of the CiscoSecure database to other Cisco Secure ACS servers. This
can help you plan a failover AAA architecture and can help reduce the complexity
of your configuration and maintenance tasks. While it is unlikely, it is possible
that CiscoSecure Database Replication can propagate a corrupted database to the
Cisco Secure ACS servers that generate your backup files.