Filter
Top Products
Chapter 8 Establishing Cisco Secure ACS System Configuration
CiscoSecure Database Replication
8-14
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
If mirroring the entire database with a secondary Cisco Secure ACS server might
send confidential information, such as the proxy distribution table, you can
configure the primary Cisco Secure ACS server to send only a specific category
of database information.
Note Cisco Secure ACS does not replicate server certificates used for EAP-TLS
authentication. Certificates are unique to a server; therefore, they are excluded
from the replication process.
Replication Scheduling Options
You can specify when CiscoSecure database replication occurs. The options that
control when replication occurs appear in the Replication Scheduling table on the
CiscoSecure Database Replication page and are as follows:
• Manually—Cisco Secure ACS does not perform automatic database
replication.
• Automatically Triggered Cascade—Cisco Secure ACS performs database
replication to the configured list of secondary Cisco Secure ACS servers
when database replication from a primary Cisco Secure ACS server
completes. This enables you to build a propagation hierarchy of
Cisco Secure ACS servers, relieving a primary Cisco Secure ACS server
from the burden of propagating the replicated components to every other
Cisco Secure ACS server. For an illustration of cascade replication, see
Figure 8-1 on page 8-9.
• Every X minutes—Cisco Secure ACS performs, on a set frequency, database
replication to the configured list of secondary Cisco Secure ACS servers. The
unit of measurement is minutes, with a default update frequency of 60
minutes.
• At specific times...—Cisco Secure ACS performs, at the time specified in the
day and hour graph, database replication to the configured list of secondary
Cisco Secure ACS servers. The minimum resolution is one hour, and the
replication takes place on the hour selected.