TACACS and ACS server

Hello people, I would like to implement better security/managment for our network here. I initially heard about TACACS+ and now I am hearing about ACS servers. So now I am looking for a little clarification. Does anybody know if cisco still supports TACACS+? Would anyone recommend using ACS server in place of a TACACS+ server, or am I missing something and the ACS takes on the roll of TACACS. Any info would be greatly appreciated.

Tootles~!

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

mikej412

happy420golucky wrote:

or am I missing something and the ACS takes on the roll of TACACS.

ACS supports both RADIUS or TACACS+ for authentication.

Just search the Cisco web site product information to get the high level description of the ACS product -- and then hit the tech docs when you want to see what that baby really has under the hood.

happy420golucky

Awesome! That helps out. I had another engineer hook me up with a hyperlink for TACACS+ "ftp" download site. According to him and the read me file. It has no support and is UNIX based. I don't know UNIX, so now I am on the hunt again for something I can throw on a 03 Windows server here. Thus, how I ran accross ACS. I guess I am going to have to do a little more research. Yay for me I guess.

pr3d4t0r

happy420golucky wrote:

Hello people, I would like to implement better security/managment for our network here. I initially heard about TACACS+ and now I am hearing about ACS servers. So now I am looking for a little clarification. Does anybody know if cisco still supports TACACS+? Would anyone recommend using ACS server in place of a TACACS+ server, or am I missing something and the ACS takes on the roll of TACACS. Any info would be greatly appreciated. Tootles~!

U can use ACS to perform radius or tacacs+ authentication, its very easy to administer.

Brain-Drain

Sorry to chime in late on this. Tacacs+ is a remote-authentication protocol. Radius is as well. Cisco ACS (Access Control Server) is a web-based management application to administer and control remote access. I have used it to authenticate Wireless users, VPN users, and network device access. It's pretty powerful and granular in its ability to control access to specific resources (either network resources via downloadable ACL or network device commands via specific list) on a group or per-user level. It also provides fairly detailed accounting of not only what commands are run on a device, but also the user, and the IP address they were working from.

It is available for both Windows and Solaris. It does take some up-front time to get set up, but once your network devices are all configured, maintaining it is a breeze. Adding new users is also a breeze.

If your company will pay for ACS, I highly recommend it!