H-7
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Appendix H Cisco Secure ACS Internal Architecture
CSMon
• TACACS+ Administration—Contains the log files of TACACS+
administration events
• VoIP Accounting—Contains the log files of successful authentication and
authorization activity for Voice over IP (VoIP) users
CSMon
CSMon is a service provided as a part of Cisco Secure ACS that facilitates
minimum down time in a remote access network environment. CSMon performs
four basic activities:
• Monitoring—Monitors the overall status of Cisco Secure ACS and the
system on which it is running
• Recording—Records and reports all exceptions to a special log file
• Notification—Alerts the administrator to potential problems and real events
regarding Cisco Secure ACS and records all such problems
• Response—Attempts to automatically and intelligently fix detected
problems
CSMon works for both TACACS+ and RADIUS and automatically detects which
protocols are in use.
Note CSMon is not intended as a replacement for system, network, or application
management applications but is provided as an application-specific utility that
can be used with other, more generic system management tools.
Monitoring
CSMon actively monitors three basic sets of system parameters:
• Generic host system state—Windows NT/2000 itself provides several built-in
utilities, such as the Event Log and Performance Monitor, to monitor overall
system health, and there are several commercial applications available.
CSMon monitors a small number of additional key system thresholds:
• Available space on the system hard disk (the drive with the
Windows NT/2000 directory).
