- A powerful, attribute-driven rules-based policy model that addresses complex policy needs in a flexible manner
- A lightweight, web-based Graphical User Interface (GUI) with intuitive navigation and workflow
- Integrated advanced monitoring, reporting, and troubleshooting capabilities for maximum control and visibility
- Improved integration with external identity and policy databases
- A distributed deployment model that enables large-scale deployments and provides a highly available solution
With the ever-increasing reliance on enterprise networks to perform daily job routines and the increasing number of methods and opportunities to access today's networks, security breaches and uncontrolled user access are of primary concern among enterprises. Network security officers and administrators need solutions that support flexible authentication and authorization policies that are tied to a user's identity as well as to context such as the network access type, time of day, and the security of the machine used to access the network. Further, there is a need to effectively audit network use, monitor corporate compliance, and get broad visibility into policies and activities across the network.
Cisco Secure ACS provides the policy control for the Cisco self defending network architecture, an architecture that protects your business by identifying, preventing, and adapting to threats from inside and outside the company. Cisco Secure ACS is a highly scalable, high-performance access policy system that centralizes device administration, authentication, and user access policy and reduces the management and support burden for these functions.
The Cisco Secure ACS rules-based policy model supports the application of different authorization rules under different conditions, and thus policy is contextual and not limited to authorization determined by a single group membership. Integration capabilities allow information in external databases to be directly referenced in access policy rules, and attributes can be used both in policy conditions and authorization rules.
Cisco Secure ACS features centralized collection and reporting for activity and system health information for full manageability of distributed deployments. It supports proactive operations such as monitoring and diagnostics, and reactive operations such as reporting and troubleshooting. Advanced features include a deployment wide session monitor, threshold-based notifications, entitlement reports, and diagnostic tools.