Start Free TrialLog in
Avatar of osloboy
osloboyFlag for United Kingdom of Great Britain and Northern Ireland

asked on 

AAA Functionality for CISCO Devices

hi experts,

i got around 50 CISCO devices including Switches, Routers, IDS, IPS, CISCO WORKS.

want to achieve AAA.

what are possible solutions (FREE and Commercial) can be possible, i am already using LDAP for VPN users.

as i know TACACS + is cisco proprietary, what else is there
Network ArchitectureNetwork OperationsCisco
Avatar of undefined
Last Comment
Ernie Beek
Avatar of Ernie Beek
Ernie Beek
Flag of Netherlands image
Well, of course you have LOCAL (but you don't want that for 50 devices :), RADIUS (which comes standard on for example windows servers: IAS or NPS), SDI (an RSA proprietary), LDAP (but you know that), NT domain (for use with older domains), Kerberos and HTTP form (can only be used for VPN user aythentication).
Have a look at: http://www.cisco.com/en/US/docs/security/asa/asa72/asdm52/user/guide/aaasetup.html#wp1280273
Avatar of osloboy
osloboy
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

erniebeek:

please give some more details as ENGLISH is mixed up

1) Kerberos and HTTP form (can only be used for VPN user aythentication)???? is it not recmonded   or at all we can not use it
Avatar of Ernie Beek
Ernie Beek
Flag of Netherlands image
Not quite, did you have a look at the link I provided? It shows a nice overview.
HTTP form can only be used for VPN user authentication. so that is all you can use it for.
Kerberos can be use for authentication of VPN users, Firewall sessions and Administrators. But not for authorization or accounting.
Avatar of osloboy
osloboy
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

its clear, thanks

just a layman thought.

as TACACS+ is commercial, and in case of less $, what can be your Second best choice.
ASKER CERTIFIED SOLUTION
Avatar of Ernie Beek
Ernie Beek
Flag of Netherlands image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of osloboy
osloboy
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

great
Avatar of Ernie Beek
Ernie Beek
Flag of Netherlands image
You're welcome, glad I could help :)

Thx for the points.
Cisco
Cisco

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

27K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent