Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco Security Agent (CSA) vs Cisco Secure Access Control Server (ACS)

Posted on 2006-11-08
7
Medium Priority
?
195 Views
Last Modified: 2010-04-11
I could not find the difference between these two terminology when I did googled.

Any help for that ?

Regards
0
Comment
Question by:zillah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17897984
Cisco Security Agent:

  This is Host Based IDS System which comes in a Server/Client model. You have a server and you install clients on all your workstations. So you get the Host based IDS System and for monitoring/deploying you can use the Server.

Cisco Secure Access Control Server:

  This is an Authentication Server which supports TACACS+ and RADIUS. It is more versatile and integrates very well with different Cisco Management Products. Dynamic downloading of ACL based on user login etc are some great features.

Cheers,
Rajesh

CSA -> http://www.cisco.com/en/US/products/sw/secursw/ps5057/index.html

CSACS -> http://www.cisco.com/en/US/products/sw/secursw/ps2086/index.html
0
 

Author Comment

by:zillah
ID: 17898155
[cut]
This is Host Based IDS System which comes in a Server/Client model. You have a server and you install clients on all your workstations. So you get the Host based IDS System and for monitoring/deploying you can use the Server.
[/cut]

Again thanks Rajesh

If I have got cisco IDS (4215) as stand alone device, within my network, is there any need to use Cisco Security Agent (Host Based IDS) ?
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
ID: 17899102
Both serves its own purpose Zillah. For example, most of the times a *well placed* Network IDS like 4215 would suffice. But if you are running 4.x code on it you'll only get detection. But CSA is a host based IPS, it will prevent it as well.

A well organized company will have enough security configurations for the workstations (like user not being in administrator group, well maintained Group Policy etc.) In such cases NIDS is enough.

But if that is not the case, then I would recommend for CSA, since it will do a better job. If you want to try out you can I guess, just see if you like the behavior and you'll come to know.

Cheers,
Rajesh
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
LVL 32

Expert Comment

by:rsivanandan
ID: 17904111
May I know why grade B ? For this question as well as the other one (for radius). I thought I did help you to what you wanted to know, just asking.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17904189
Sorry I will try to modify it if I can
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17904356
No worries, forget it. I am wondering if I left out anything thats all.

Cheers,
Rajesh
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
How does someone stay on the right and legal side of the hacking world?
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question