Guest

Cisco Secure Access Control System

Cisco Secure Access Control System 5.5 Ordering Guide

  • Viewing Options

  • PDF (131.5 KB)
  • Feedback

PB730214

Cisco ® Secure Access Control System (ACS) is a centralized solution that ties together an enterprise's network access policy and identity strategy. Cisco Secure ACS 5.5 is a highly sophisticated policy-based access control platform that delivers:

• Unique, flexible, and detailed device administration in IPv4 and IPv6 networks with full auditing and reporting capabilities as required for standards compliance

• A powerful, attribute-driven rules-based policy model that addresses complex policy needs in a flexible manner

• A lightweight web-based GUI with intuitive navigation and a workflow accessible from both IPv4 and IPv6 clients

• Integrated advanced monitoring, reporting, and troubleshooting capabilities for maximum control and visibility

• A distributed architecture for medium-sized and large-scale deployments, with up to 22 instances in a single Cisco Secure ACS cluster

• Capability to connect different nodes (instances) in a Cisco Secure ACS cluster to different Active Directory domains

• Administrator authentication through Windows Active Directory and LDAP

• API for create, read, update, and delete (CRUD) operations on devices and hosts

• Support for the Online Certificate Status Protocol (OCSP)

• Synchronization of the machine access restriction (MAR) cache among all Cisco Secure ACS instances in a cluster

• Scheduled (automated) reports sent via e-mail

• SNMP traps for ACS Health Status

• Encrypted (secure) syslogs

Availability

Cisco Secure ACS 5.5 is currently available. Customers interested in purchasing this product can place orders through their normal sales channels.

Ordering Information

Cisco Secure ACS 5.5 can be purchased as one of four offerings:

• Cisco Secure ACS application option on the Cisco Secure Network Server (SNS) 3415 or 3495

• Software upgrade for existing Cisco 1120 or 1121 Secure ACS appliance

• Software appliance for installing as a virtual machine on VMware ESX or ESXi 5.0 or 5.1

All versions of Cisco Secure ACS 5.5 run the same software image and support the same features. For system specifications, please view the Cisco Secure ACS 5.5 data sheet at: http://preview.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-729604.html.

Licensing Options

The appliance and VMware versions each include a Base license. The Base license is required for each Cisco Secure ACS 5.5 appliance or software instance in a network.
With the Base license, a Cisco Secure ACS 5.5 appliance or software virtual machine can support the deployment of up to 500 network devices. These are authentication, authorization, and accounting (AAA) clients. The number of network devices is based on how many unique IP addresses are configured. The 500-device limit is not a limit for each individual appliance or instance, but a deployment-wide limit that applies to a set of Cisco Secure ACS instances (primary and secondary) that are configured for replication.
The optional Large Deployment add-on license allows a deployment to support more than 500 network devices. Only one Large Deployment license is required per deployment, as it is shared by all instances.
The optional Security Group Access System license is required for Security Group Access (SGA) and 802.1AE (also known as MACsec) functions. Only one Security Group Access System license is required per deployment, as it is shared by all instances.
Please see the Cisco Secure ACS Deployment Guide for guidelines on deployment planning and sizing.

Base Components

To order Cisco Secure ACS 5.5, you must order one of the Base products shown in Table 1. If you are upgrading an existing Cisco Secure ACS deployment, you will need to order a product from Table 3 or Table 4.

Table 1. Cisco Secure ACS 5.5 Part Numbers for New Orders

Part Number

Product Description

SNS-3415-K9 with Application Software Option

CSACS-3415-K9

Cisco SNS 3415 appliance for Cisco Secure ACS, ISE, and NAC products

Cisco Secure ACS application software option and Base license for the Cisco SNS 3415 appliance

SNS-3495-K9 with Application Software Option

CSACS-3495-K9

Cisco SNS 3495 appliance for Cisco Secure ACS, ISE, and NAC products

Cisco Secure ACS application software option and Base license for the Cisco SNS 3495 appliance

CSACS-5.5-VM-K9

Cisco Secure ACS 5.5 VMware software and Base license

R-CSACS-55VM-K9

Cisco Secure ACS 5.5 VMware software and Base license (e-delivery)

Note: Cisco SNS 3495 with the Cisco Secure ACS software option is scheduled to be available in December 2013.

Additional Licenses

If you need any additional licenses, such as the Large Deployment license to support more than 500 devices, please order one of the products shown in Table 2.

Table 2. Cisco Secure ACS 5.5 Part Numbers for Additional Licenses

Part Number

Product Description

CSACS-5-LRG-LIC

Cisco Secure ACS 5 Large Deployment add-on license

L-CSACS-5-LRG-LIC

Cisco Secure ACS 5 Large Deployment add-on license (e-delivery)

CSACS-5-ADV-LIC

Cisco Secure ACS 5 Security Group Access System license

L-CSACS-5-ADV-LIC

Cisco Secure ACS 5 Security Group Access System license (e-delivery)

Upgrades and Migration

Customers can upgrade from any previous version of Cisco Secure ACS to Release 5.5. Cisco Secure ACS 5.5 includes software utilities to migrate data from previous versions. Please see the migration guides for the Cisco Secure ACS for more details on data migration.
To upgrade from Cisco Secure ACS 4.2 or earlier, please choose the relevant product from Table 3.

Table 3. Cisco Secure ACS 5.5 Upgrade Part Numbers for Release 4.2 and Earlier

Part Number

Description

SNS-3415-K9 with Application Software Option

CSACS-3415-UP-K9

Cisco SNS 3415 appliance for Cisco Secure ACS, ISE, and NAC products

Upgrade to Cisco Secure ACS application software on the Cisco SNS 3415 appliance with Base license from previous versions

SNS-3495-K9 with Application Software Option

CSACS-3495-UP-K9

Cisco SNS 3495 appliance for Cisco Secure ACS, ISE, and NAC products

Upgrade to Cisco Secure ACS application software on the Cisco SNS 3495 appliance with Base license from previous versions

CSACS-5.5-VM-UP-K9

Cisco Secure ACS 5.5 VMware software and Base license upgrade for previous versions

R-CSACS-55VMUP-K9

Cisco Secure ACS 5.5 VMware software upgrade (e-delivery)

Note: Cisco SNS 3495 with the Cisco Secure ACS software option is scheduled to be available in December 2013.

Please choose the relevant products from Table 4 if you are upgrading from:

• Cisco 1120 Secure ACS appliance running Cisco Secure ACS 5.0 or later

• Cisco 1121 ACS appliance running Cisco Secure ACS 5.1, or later

• Cisco Secure ACS software version 5.0 or later running on VMware

Note: You should select the part number based on whether you have an existing Software Application Support (SAS) contract or not.

Table 4. Cisco Secure ACS 5.5 Upgrade Part Numbers for Release 5.0 and Later

Part Number

Product Description

CSACS-5.5SW-MR-K9=

Cisco Secure ACS 5.5 minor upgrade for customers without SAS

CSACS-5.5SW-SR-K9=

Cisco Secure ACS 5.5 minor upgrade for customers with SAS

Electronic Delivery

Electronic delivery is available for VMware software appliance versions of Cisco Secure ACS 5.5 and for additional license options, such as the Large Deployment license.
After you order one of the electronic delivery products, you will receive details on how to download the software and obtain a license via email. This allows you to get the software without having to wait for the delivery of physical media and licenses packages.
Electronic delivery is available only for the software and licenses shown in Table 5.

Table 5. Cisco Secure ACS 5.5 Electronic Delivery Part Numbers

Part Number

Description

R-CSACS-55VM-K9

Cisco Secure ACS 5.5 VMware software and Base license (e-delivery)

R-CSACS-55VMUP-K9

Cisco Secure ACS 5.5 VMware software upgrade (e-delivery)

L-CSACS-5-LRG-LIC

Cisco Secure ACS 5 Large Deployment license (e-delivery)

L-CSACS-5-ADV-LIC

Cisco Secure ACS 5 Security Group Access System license (e-delivery)

Software and Hardware Support

Some Cisco SMARTnet ® service contracts for the Cisco SNS 3415 and 3495 appliances include hardware support and application software maintenance support, including upgrades to future version 5 releases and access to online resources and support services.
For more information about Cisco SAS and SMARTnet, please visit http://www.cisco.com/en/US/products/svcs/ps3034/ps2827/serv_category_home.html.
To find support offerings and options that relate to specific Cisco Secure ACS products, please visit http://www.cisco-servicefinder.com.

Note: SAS part numbers for hardware options can be found by searching on "SNS-3415-K9 or SNS-3495-K9" on Cisco.com.

For More Information

Please check the Cisco Secure ACS homepage at http://www.cisco.com/go/acs for the latest information about Cisco Secure ACS.
For more information, please send your questions to acs-mkt@cisco.com or contact your account representative.