The Cisco® Secure Services Client is a software application that enables businesses of all sizes to deploy a single authentication framework across endpoint devices to enable access to both wired and wireless networks. The Cisco Secure Services Client solution delivers simplified management, robust security, and lower total cost of ownership. Through a simplified and scalable deployment mechanism, IT administrators can deploy and manage the Cisco Secure Services Client across the enterprise. The software client manages the user and device identity and the network access protocols required for secure access.
The Cisco Secure Services Client uses the IEEE 802.1X authentication standard to provide a robust first line of defense against unauthorized network intrusions. Using the 802.1X standard, access control decisions are made before the endpoint device is granted an IP address and access to the network. This gives the Cisco Secure Services Client the flexibility to deploy strong security for managing identity-based access for users and devices, and to deliver an effective port management solution. As a result, the operational cost of protecting the network is reduced.
The Cisco Secure Services Client Version 5.0 contains an enterprise deployment feature that allows IT administrators to configure and deploy client profiles to the entire organization. Deploying the client from a centralized location saves significant time and ultimately helps lower the total cost of ownership (TCO) of deploying an 802.1X supplicant.
New Features and Benefits
Version 5.0 of the Cisco Secure Services Client includes the following new features:
New Graphical User Interface
• "Two-click connect" for simple network connection.
• Simplified user interface for lower total cost of ownership.
• Connection status information available through icon hover.
• Robust connection control via icon right mouse click.
Cisco Enterprise Deployment Mechanism
• Client provisioning from a unified .xml file.
• Single provisioning schema independent of hardware.
• The administrator can now easily create an .msi file containing the .xml and .exe file for installation.
• Files can then be deployed using standard deployment tools such as Microsoft Active Directory, Microsoft SMS, and Altiris.
Filtering of Unwanted Service Set Identifiers (SSIDs)
• Decreases the number of available networks for users
• Enforces corporate security policies for end users
Enforcing Wired over Wireless
• Enables wireless interface to be disabled when a wired connection is present
• Eliminates unwanted wireless bridging to wired network
Policy Enforcement Manager
• Enforces an 802.1X identity-based network security framework
• Configures and enforces access policies to protect corporate resources and assets
Network Profile Manager
• Using the administrator console, administrators can define preconfigurations, lock down client features, and deploy end-user profiles for enterprise, travel, and home connections
• Provides network entitlement rights for employees, guests, and suppliers with different levels of security
Credential Manager
• Windows single sign-on (SSO) capabilities, including device and user authentication
• User-based authentication session and credential challenge
Secure Network Access
• Authenticated access to 802.1X wired and wireless LANs
• Compatible with Wi-Fi-certified devices
• Support for all Wi-Fi encryption modes: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access-personal mode (WPA-personal mode), WPA2-personal mode, WPA-enterprise mode, WPA2-enterprise mode, Dynamic WEP (802.1X), Advanced Encryption Standard (AES), Temporal Key Integrity Protocol (TKIP)
• Support for a wide selection of Extensible Authentication Protocol (EAP) types
• Protection of user privacy with EAP "anonymous" access
• Integration with Cisco Trust Agent, providing strong Layer 2 802.1X-based Network Admission Control (NAC) support
• Compatible with the Cisco Secure Access Control Server (ACS)
Access Management and Automated Configuration Control
• Enterprise deployment mechanism through a unified .xml file
• Delivers user access policies to any port accessed by a user
• Centrally deploys Microsoft Active Directory machine or user group profiles
• Enables automatic configuration of VLANs
• Comprehensive SSO support for the Windows login environment
Wired Ethernet 802.3 and Wi-Fi 802.11a, 802.11b, 802.11g
Switch interoperability
Any 802.1X-compatible Wi-Fi access point and wired Ethernet switch
Authentication, authorization, and accounting (AAA) interoperability
Supports standard RADIUS servers such as Cisco Secure ACS and Microsoft Internet Authentication Service (IAS)
Windows SSO
Active Directory machine and user authentication
Enterprise deployment
Export network profiles and lock user interface
System Requirements
Table 2 lists minimum system requirements for the Cisco Secure Services Client Version 5.0.
Table 2. System Requirements for Cisco Secure Services Client Version 5.0
System
Minimum Requirements
Disk space
30 MB
Hardware
Pentium III 500 MHz (minimum), Windows 2000 (Advanced) Server SP4, Windows 2003 Server (Standard, Enterprise), wired or wireless network card with a driver that supports NDIS 5.1 (wireless card should have the Wi-Fi Alliance stamp or logo)
Memory
128-MB RAM
Software
Windows XP (Home or Pro) SP1/SP2, Windows 2000 Pro SP4
Ordering Information
Table 3 lists the part number for the Cisco Secure Services Client Version 5.0. To download the Cisco Secure Services Client, visit the Cisco Ordering Home Page.
Table 3. Ordering Information for Cisco Secure Services Client Version 5.0
Product Name
Part Number
Cisco Secure Services Client
AIR-SC5.0-XP2K
Service and Support
Cisco and our Wireless LAN Specialized Partners offer a broad portfolio of end-to-end services based on proven methodologies for planning, designing, implementing, operating, and optimizing the performance of a variety of secure voice and data wireless network solutions, technologies, and strategies. Cisco Wireless LAN Specialized Partners bring application expertise to help deliver a secure enterprise mobility solution with a low total cost of ownership. For more information about Cisco Services for wireless LAN, visit www.cisco.com/go/wirelesslanservices.
