Neue Version des ACS 5.4 steht zur Verfügung. Hier ein paar Informationen dazu:
What’s New in ACS 5.4 Release
ACS 5.4 software release has the following new features and enhancements:
TACACS+ based device admin over IPv6
HTTPS/SSH based ACS admin access over IPv6
Support ACS on VMware installations with any hard disk space from 60 GB to 750 GB.
Support up to 4 Ethernet interfaces for AAA requests
Capability to connect different nodes (instances) in an ACS cluster to a different (single) AD domain
Ability to perform the AD configuration, join, and leave operations separately.
Policy-based authentication (via internal DB, AD & LDAP) and authorization (roles & permissions) of ACS Admins
API for Create/Read/Update/Delete operations on Network Devices, Network Device Groups and Internal Hosts
Online Certificate Status Protocol (OCSP) used to check the validity status of x.509 digital certificates
Display Copyright Banner before and after Admin login via GUI and CLI (each banner can be edited independently)
Support for VMware Tools
Official support for up to 20 instances in a single ACS cluster
Monitor ACS adclient and NTP daemon processes; so that they are automatically restarted if they hang or crash
Session resumption support for stateless EAP-TLS session and ticket extension as described in RFC 5077
Support for crypto-binding TLV extension in MS PEAP
Support account expiry (disablement) date per individual user for users in ACS internal database
Support max # of concurrent user sessions per group and per user basis
Capability to add or update (rewrite) RADIUS attributes within AAA requests sent to RADIUS proxy server
Synchronization of MAR cache among all or a group of ACS instances in a cluster
Add Common Name (CN) as a new member attribute for LDAP users in addition to Distinguished Name (DN)
Support password change by users authenticated against LDAP server via TACACS+, ASCII/PAP and EAP-GTC
Certificate Issuer field in Certificate Dictionary available for use in all ACS policy rules
Authenticated NTP support in addition to existing non-authenticated NTP mode
Support certificate name constraint extensions with following field attributes: Directory Name, URL, Email, DNS
Allow Read Only Admins to run “show run”, “show app status acs”, and “show timezones” CLI commands
New CLI commands to support IPv6 addresses: “ping”, “traceroute”, “show ipv6 route” ipv6 route”, “ipv6 address”
New CLI commands to troubleshoot AD connectivity issues: “adinfo”, “adcheck”, “ldapsearch”
Support automated periodic database compression
Ability to adjust system clock rate and kernel flags for VMware optimization
Ability to generate reports based on events between “Start” and “End” timestamps
Link (Release Notes): Release Notes ACS 5.4
Link (Data Sheet): Data Sheet ACS 5.4
Link (FAQ): FAQ ACS 5.4
Link (User Guide) User Guide ACS 5.4
Link (Install & Upgrade): Install and Upgrade Guide ACS 5.4
Link (CLI Guide): CLI Reference Guide ACS 5.4
Link (Migration Guide): Migration Guide ACS 5.4
Link (Software Developer Guide): Software Developer Guide ACS 5.4
Link (SDT Guide): SDT Guide ACS 5.4
