https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527593#M89820 <P><SPAN style="font-family:times new roman,times,serif;">Please refer the links for the details of ACS and ISE:</SPAN></P><P><SPAN style="font-family:times new roman,times,serif;"><A href="https://supportforums.cisco.com/blog/150451/video-integration-cisco-identity-services-engine-ise-and-wireless-lan-controller-wlc">https://supportforums.cisco.com/blog/150451/video-integration-cisco-identity-services-engine-ise-and-wireless-lan-controller-wlc</A></SPAN></P><P><SPAN style="font-family:times new roman,times,serif;"><A href="https://supportforums.cisco.com/document/70751/integration-ise-identity-services-engine-cisco-wlc-wireless-lan-controller">https://supportforums.cisco.com/document/70751/integration-ise-identity-services-engine-cisco-wlc-wireless-lan-controller</A></SPAN></P> Mon, 23 Jun 2014 07:26:07 GMT mohanak 2014-06-23T07:26:07Z https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527590#M89817 <P>Hi All,</P><P>&nbsp;</P><P>I want to implement network access control system in a fashion that when someone from outside access our network (Wired/Wireless) he should not have direct access to our system. There must be some authentication, authorization and accounting.</P><P>&nbsp;</P><P>System can be a Cisco, Miscrosoft or third party&nbsp;</P> Mon, 11 Mar 2019 04:49:03 GMT https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527590#M89817 techguy 2019-03-11T04:49:03Z https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527591#M89818 <P>The best solution you can get is Cisco ACS and its replacement Cisco ISE</P> Sun, 22 Jun 2014 20:33:57 GMT https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527591#M89818 Reza Gorjizadeh 2014-06-22T20:33:57Z https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527592#M89819 <P>I agree with Reza except I would recommend ISE over ACS. I think ACS is as good as dead at this point <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> ISE offers a lot more features and functionality with the exception of TACACS+</P> Mon, 23 Jun 2014 03:50:18 GMT https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527592#M89819 nspasov 2014-06-23T03:50:18Z https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527593#M89820 <P><SPAN style="font-family:times new roman,times,serif;">Please refer the links for the details of ACS and ISE:</SPAN></P><P><SPAN style="font-family:times new roman,times,serif;"><A href="https://supportforums.cisco.com/blog/150451/video-integration-cisco-identity-services-engine-ise-and-wireless-lan-controller-wlc">https://supportforums.cisco.com/blog/150451/video-integration-cisco-identity-services-engine-ise-and-wireless-lan-controller-wlc</A></SPAN></P><P><SPAN style="font-family:times new roman,times,serif;"><A href="https://supportforums.cisco.com/document/70751/integration-ise-identity-services-engine-cisco-wlc-wireless-lan-controller">https://supportforums.cisco.com/document/70751/integration-ise-identity-services-engine-cisco-wlc-wireless-lan-controller</A></SPAN></P> Mon, 23 Jun 2014 07:26:07 GMT https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527593#M89820 mohanak 2014-06-23T07:26:07Z https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527594#M89821 <P>Cisco ISE is a consolidated policy-based access control system that incorporates a superset of features available in existing Cisco policy platforms. Cisco ISE performs the following functions:</P><UL><LI class="pBu1_Bullet1"><A name="pgfId-1053360"></A>Combines authentication, authorization, accounting (AAA), posture, and profiler into one appliance</LI><LI class="pBu1_Bullet1"><A name="pgfId-1054991"></A>Provides for comprehensive guest access management for Cisco ISE administrators, sanctioned sponsor administrators, or both</LI><LI class="pBu1_Bullet1"><A name="pgfId-1053367"></A>Enforces endpoint compliance by providing comprehensive client provisioning measures and assessing the device posture for all endpoints that access the network, including 802.1X environments</LI><LI class="pBu1_Bullet1"><A name="pgfId-1053836"></A>Provides support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network</LI><LI class="pBu1_Bullet1"><A name="pgfId-1053853"></A>Enables consistent policy in centralized and distributed deployments that allows services to be delivered where they are needed</LI><LI class="pBu1_Bullet1"><A name="pgfId-1053370"></A>Employs advanced enforcement capabilities including Security Group Access (SGA) through the use of Security Group Tags (SGTs) and Security Group Access Control Lists (SGACLs)</LI><LI class="pBu1_Bullet1"><A name="pgfId-1053371"></A>Supports scalability to support a number of deployment scenarios from small office to large enterprise environments</LI></UL> Wed, 02 Jul 2014 15:50:34 GMT https://community.cisco.com/t5/network-access-control/better-control-on-network/m-p/2527594#M89821 Venkatesh Attuluri 2014-07-02T15:50:34Z