Appendix G
Cisco Secure ACS Internal Architecture
Note
Monitoring
78-14696-01, Version 3.1
CSMon is not intended as a replacement for system, network, or application
management applications but is provided as an application-specific utility that can
be used with other, more generic system management tools.
CSMon performs four basic activities, outlined in the following topics:
•
Monitoring, page G-5
Recording, page G-6
•
Notification, page G-7
•
Response, page G-7
•
CSMon monitors the overall status of Cisco Secure ACS and the system on which
it is running. CSMon actively monitors three basic sets of system parameters:
•
Generic host system state—CSMon monitors the following key system
thresholds:
Available hard disk space
–
Processor utilization
–
Physical memory utilization
–
All events related to generic host system state are categorized as "warning
events".
•
Application-specific performance—
Application viability—CSMon periodically performs a test login using
–
a special built-in test account (the default period is one minute).
Problems with this authentication can be used to determine if the service
has been compromised.
Application performance thresholds—CSMon monitors and records
–
the latency of each test authentication request (the time it takes to receive
a positive response). Each time this is performed, CSMon updates a
variable containing the average response time value. Additionally, it
records whether retries were necessary to achieve a successful response.
By tracking the average time for each test authentication, CSMon can
User Guide for Cisco Secure ACS for Windows Server
CSMon
G-5