cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

3069
Views
5
Helpful
3
Replies
Highlighted
Beginner

What i need to implement TACACS server?

We are planning to implement TACACS+ server.

I need to know what exactly I need to implement that server? do I need to buy TACACS+ vendor based appliance or I can just buy the software and install it on one of my existing or new server. is there any very good open source software that I can use ? what pros and cons of each options?

I'm Managing hundreds of routers and switches on our company and on customer sites through internet.

one last question : is Cisco ACS 5.5 hardware-based or can be installed in any server? 


I know it is very long question(s) but I know you are very supportive and nice people :) 

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

1.] Most large Enterprise or


1.] Most large Enterprise or Carrier-class network device manufacturers support TACACS. Some vendors that support the TACACS+ protocol are: Adtran, Alcatel/Lucent, Arbor, Aruba, Brocade/Foundry, Cisco/Linksys, Ericsson/Redback, Extreme, Fortinet, HP/3Com, Huawei, Juniper, Netgear, Nortel, and others. However I'd personally suggest ACS 5.x

Source - http://tacacs.net/faq.asp

2.] Cisco Secure ACS 5.5 is available as a closed and hardened Linux-based SNS 3415/3495 appliance or as a software operating system image for VMware ESX/ESXi 5.0/5.1.

Cisco Secure ACS 5.5 supports two distinct protocols for authentication, authorization, and accounting (AAA): RADIUS for network access control and TACACS+ for network device access control.

3.] For more information on product and license, you should go through the below listed links.

ACS 5.5 ordering guide

ACS 5.5 Data sheet

 

Regards,

Jatin Katyal

**Do rate helpful posts**

~Jatin Katyal

View solution in original post

3 REPLIES 3
Rising star

Hi Ibrahim,All you need is a

Hi Ibrahim,

All you need is a Tacacs server and configure all your router and switches to authenticate through this server.

Being a cisco guy my suggestion is to go with Cisco ACS 5.5 box. You can get this as appliance (dedicated hardware) or as a software which can be installed on virtual ESXi environment.

Also please be aware the Tacacs is a cisco properitary protocol and hence only cisco devices will be able to authenticate using this protocol.  

Hope that helps.

Regards

Najaf

Please rate useful answers !!!

Cisco Employee

1.] Most large Enterprise or


1.] Most large Enterprise or Carrier-class network device manufacturers support TACACS. Some vendors that support the TACACS+ protocol are: Adtran, Alcatel/Lucent, Arbor, Aruba, Brocade/Foundry, Cisco/Linksys, Ericsson/Redback, Extreme, Fortinet, HP/3Com, Huawei, Juniper, Netgear, Nortel, and others. However I'd personally suggest ACS 5.x

Source - http://tacacs.net/faq.asp

2.] Cisco Secure ACS 5.5 is available as a closed and hardened Linux-based SNS 3415/3495 appliance or as a software operating system image for VMware ESX/ESXi 5.0/5.1.

Cisco Secure ACS 5.5 supports two distinct protocols for authentication, authorization, and accounting (AAA): RADIUS for network access control and TACACS+ for network device access control.

3.] For more information on product and license, you should go through the below listed links.

ACS 5.5 ordering guide

ACS 5.5 Data sheet

 

Regards,

Jatin Katyal

**Do rate helpful posts**

~Jatin Katyal

View solution in original post

Beginner

Thank you guys for your

Thank you guys for your helpful information.

Is there any other inexpensive product or open source software ?