cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5818
Views
6
Helpful
3
Replies

What i need to implement TACACS server?

ibrahim299
Level 1
Level 1

We are planning to implement TACACS+ server.

I need to know what exactly I need to implement that server? do I need to buy TACACS+ vendor based appliance or I can just buy the software and install it on one of my existing or new server. is there any very good open source software that I can use ? what pros and cons of each options?

I'm Managing hundreds of routers and switches on our company and on customer sites through internet.

one last question : is Cisco ACS 5.5 hardware-based or can be installed in any server? 


I know it is very long question(s) but I know you are very supportive and nice people :) 

1 Accepted Solution

Accepted Solutions

Jatin Katyal
Cisco Employee
Cisco Employee


1.] Most large Enterprise or Carrier-class network device manufacturers support TACACS. Some vendors that support the TACACS+ protocol are: Adtran, Alcatel/Lucent, Arbor, Aruba, Brocade/Foundry, Cisco/Linksys, Ericsson/Redback, Extreme, Fortinet, HP/3Com, Huawei, Juniper, Netgear, Nortel, and others. However I'd personally suggest ACS 5.x

Source - http://tacacs.net/faq.asp

2.] Cisco Secure ACS 5.5 is available as a closed and hardened Linux-based SNS 3415/3495 appliance or as a software operating system image for VMware ESX/ESXi 5.0/5.1.

Cisco Secure ACS 5.5 supports two distinct protocols for authentication, authorization, and accounting (AAA): RADIUS for network access control and TACACS+ for network device access control.

3.] For more information on product and license, you should go through the below listed links.

ACS 5.5 ordering guide

ACS 5.5 Data sheet

 

Regards,

Jatin Katyal

**Do rate helpful posts**

~Jatin

View solution in original post

3 Replies 3

kcnajaf
Level 7
Level 7

Hi Ibrahim,

All you need is a Tacacs server and configure all your router and switches to authenticate through this server.

Being a cisco guy my suggestion is to go with Cisco ACS 5.5 box. You can get this as appliance (dedicated hardware) or as a software which can be installed on virtual ESXi environment.

Also please be aware the Tacacs is a cisco properitary protocol and hence only cisco devices will be able to authenticate using this protocol.  

Hope that helps.

Regards

Najaf

Please rate useful answers !!!

Jatin Katyal
Cisco Employee
Cisco Employee


1.] Most large Enterprise or Carrier-class network device manufacturers support TACACS. Some vendors that support the TACACS+ protocol are: Adtran, Alcatel/Lucent, Arbor, Aruba, Brocade/Foundry, Cisco/Linksys, Ericsson/Redback, Extreme, Fortinet, HP/3Com, Huawei, Juniper, Netgear, Nortel, and others. However I'd personally suggest ACS 5.x

Source - http://tacacs.net/faq.asp

2.] Cisco Secure ACS 5.5 is available as a closed and hardened Linux-based SNS 3415/3495 appliance or as a software operating system image for VMware ESX/ESXi 5.0/5.1.

Cisco Secure ACS 5.5 supports two distinct protocols for authentication, authorization, and accounting (AAA): RADIUS for network access control and TACACS+ for network device access control.

3.] For more information on product and license, you should go through the below listed links.

ACS 5.5 ordering guide

ACS 5.5 Data sheet

 

Regards,

Jatin Katyal

**Do rate helpful posts**

~Jatin

Thank you guys for your helpful information.

Is there any other inexpensive product or open source software ?