Solved

Cisco Security Agent (CSA) vs Cisco Secure Access Control Server (ACS)

Posted on 2006-11-08
7
193 Views
Last Modified: 2010-04-11
I could not find the difference between these two terminology when I did googled.

Any help for that ?

Regards
0
Comment
Question by:zillah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17897984
Cisco Security Agent:

  This is Host Based IDS System which comes in a Server/Client model. You have a server and you install clients on all your workstations. So you get the Host based IDS System and for monitoring/deploying you can use the Server.

Cisco Secure Access Control Server:

  This is an Authentication Server which supports TACACS+ and RADIUS. It is more versatile and integrates very well with different Cisco Management Products. Dynamic downloading of ACL based on user login etc are some great features.

Cheers,
Rajesh

CSA -> http://www.cisco.com/en/US/products/sw/secursw/ps5057/index.html

CSACS -> http://www.cisco.com/en/US/products/sw/secursw/ps2086/index.html
0
 

Author Comment

by:zillah
ID: 17898155
[cut]
This is Host Based IDS System which comes in a Server/Client model. You have a server and you install clients on all your workstations. So you get the Host based IDS System and for monitoring/deploying you can use the Server.
[/cut]

Again thanks Rajesh

If I have got cisco IDS (4215) as stand alone device, within my network, is there any need to use Cisco Security Agent (Host Based IDS) ?
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 125 total points
ID: 17899102
Both serves its own purpose Zillah. For example, most of the times a *well placed* Network IDS like 4215 would suffice. But if you are running 4.x code on it you'll only get detection. But CSA is a host based IPS, it will prevent it as well.

A well organized company will have enough security configurations for the workstations (like user not being in administrator group, well maintained Group Policy etc.) In such cases NIDS is enough.

But if that is not the case, then I would recommend for CSA, since it will do a better job. If you want to try out you can I guess, just see if you like the behavior and you'll come to know.

Cheers,
Rajesh
0
SuperAntiSpyware Licenses Discounted by 25% !

Exclusive offer to Experts Exchange Members!
Buy SuperAntiSpyware License(s) from us and save 25% on the regular purchase price.
- Includes Full SuperAntiSpyware Vendor Support Entitlements
- Your Subscription does not begin until you activate your license
- Buy for your friends

 
LVL 32

Expert Comment

by:rsivanandan
ID: 17904111
May I know why grade B ? For this question as well as the other one (for radius). I thought I did help you to what you wanted to know, just asking.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17904189
Sorry I will try to modify it if I can
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17904356
No worries, forget it. I am wondering if I left out anything thats all.

Cheers,
Rajesh
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question