Explore Cisco
How to Buy

Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Identity Based Networking Services

Boost Security and Efficiency, Cut Costs

Cisco Identity-Based Networking Services (IBNS) is an integrated solution that offers authentication, access control, and user policy enforcement to help secure network connectivity and resources. It helps you improve operational efficiency and cut costs by adopting today’s innovative network trends, such as mobility, cloud, and bring-your-own-device (BYOD) access. Boost network efficiency, while helping to ensure security and compliance. Cisco IBNS is the core component of the Cisco TrustSec solution, delivering network-based identity security. To meet customer needs for greater flexibility and scalability in endpoint visibility and access control, Cisco now offers IBNS 2.0.

Featured Content

Enforce Access Security Policies

Simplify access over wired and wireless networks with IBNS 2.0. (3:23 min)

Redefining Identity Networking

Follow the evolution of Cisco Identity-Based Networking Services (IBNS) 2.0.

IBNS 2.0 offers a flexible and extensible identity framework. It allows for any authentication method, with any authorization option, on any media: wired or wireless. It is also serves as the fundamental component of the Cisco Unified Access network and Cisco TrustSec security architectures. The new Common Classification Policy Language (C3PL)-based configuration offers a new way to define and manage enterprise network admission control.

View At-a-Glance
View Deployment Guide

Building Blocks

Cisco's deployment approach gradually introduces identity-based access control. (7:20 min)

    Flexible Authentication

    Cisco IBNS supports a wide range of configurable authentication options.

    Cisco IBNS supports a wide range of authentication options in which order and priority are configurable for additional flexibility. These include:

    • 802.1X for managed devices and users
    • Web authentication for guests or non-802.1X users
    • MAC authentication bypass (MAB) for unmanaged or non-802.1X devices

    Flexible Deployment Modes

    Cisco supports three modes for a phased 802.1X deployment: monitor, low impact, and high security. In particular, 802.1X can be deployed in the monitor mode without enforcement. That way, your business can monitor network authentications, evaluate risks, and prepare the network for access control in later phases.

    Service and Interface Templates

    IBNS 2.0 takes advantage of user-definable and reusable templates for interfaces and network access sessions. While interface templates can be used to simplify configuration management, the service templates can contain authorization parameters like the VLANs, IPv4 and IPv6, access control lists, and much more. These templates may be defined locally on the network authenticators (switch or wireless controllers) or can be authorized by a centralized policy.

    Identity Control Policy

    Configurable through the Cisco C3PL, the Identity Control Policy offers a flexible and extensible policy definition. The Identity Control Policy simplifies access management.

    Device Sensor and AutoConf

    These features offer detection and classification of connecting endpoints at the network access. The new AutoConf solution uses Auto Smart Port Macros for dynamic device-ID-based authorization. With its policy-based IBNS infrastructure and the interface templates, this new framework provides a simplified solution for automatic interface configurations at the enterprise edge.

    Additional Resources

    Contact Cisco

    • 1-800-553-6387
    • US/CAN | 5am-5pm PT