Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Boost Security and Efficiency, Cut Costs

Cisco Identity-Based Networking Services (IBNS) is an integrated solution that offers authentication, access control, and user policy enforcement to help secure network connectivity and resources. It helps you improve operational efficiency and cut costs by adopting today’s innovative network trends, such as mobility, cloud, and bring-your-own-device (BYOD) access. Boost network efficiency, while helping to ensure security and compliance. Cisco IBNS is the core component of the Cisco TrustSec solution, delivering network-based identity security. To meet customer needs for greater flexibility and scalability in endpoint visibility and access control, Cisco now offers IBNS 2.0.

Featured Content


Enforce Access Security Policies

Simplify access over wired and wireless networks with IBNS 2.0. (3:23 min)

Redefining Identity Networking

Follow the evolution of Cisco Identity-Based Networking Services (IBNS) 2.0.

IBNS 2.0 offers a flexible and extensible identity framework. It allows for any authentication method, with any authorization option, on any media: wired or wireless. It is also serves as the fundamental component of the Cisco Unified Access network and Cisco TrustSec security architectures. The new Common Classification Policy Language (C3PL)-based configuration offers a new way to define and manage enterprise network admission control.

View At-a-Glance
View Deployment Guide

Building Blocks


Cisco's deployment approach gradually introduces identity-based access control. (7:20 min)

Flexible Authentication

Cisco IBNS supports a wide range of configurable authentication options.

Cisco IBNS supports a wide range of authentication options in which order and priority are configurable for additional flexibility. These include:

  • 802.1X for managed devices and users
  • Web authentication for guests or non-802.1X users
  • MAC authentication bypass (MAB) for unmanaged or non-802.1X devices

Flexible Deployment Modes

Cisco supports three modes for a phased 802.1X deployment: monitor, low impact, and high security. In particular, 802.1X can be deployed in the monitor mode without enforcement. That way, your business can monitor network authentications, evaluate risks, and prepare the network for access control in later phases.

Service and Interface Templates

IBNS 2.0 takes advantage of user-definable and reusable templates for interfaces and network access sessions. While interface templates can be used to simplify configuration management, the service templates can contain authorization parameters like the VLANs, IPv4 and IPv6, access control lists, and much more. These templates may be defined locally on the network authenticators (switch or wireless controllers) or can be authorized by a centralized policy.

Identity Control Policy

Configurable through the Cisco C3PL, the Identity Control Policy offers a flexible and extensible policy definition. The Identity Control Policy simplifies access management.

Device Sensor and AutoConf

These features offer detection and classification of connecting endpoints at the network access. The new AutoConf solution uses Auto Smart Port Macros for dynamic device-ID-based authorization. With its policy-based IBNS infrastructure and the interface templates, this new framework provides a simplified solution for automatic interface configurations at the enterprise edge.

Feature Availability at a Glance

Platform

Cisco IBNS (Classic)

IBNS 2.0 (New-Style)

Per MAC VLANs

AutoConf & Interface Templates

Catalyst 2960-S, 2960-SF, 2960-C, 2960-Plus and 3560-C 12.2SE 15.2(2)E No 15.2(2)E
Catalyst 2960X/XR 15.2(2)E 15.2(2)E No 15.2(2)E
Catalyst 2960L 15.2(5)E 15.2(5)E No 15.2(5)E
Catalyst 3560-X and 3750-X 12.2SE 15.2(2)E No 15.2(2)E
Catalyst 3650 and 3850 3.6.0E 3.6.0E 3.6.0E 3.6.0E
Catalyst 4948E, 4948E-F, 4500/4500E Sup6E/Sup6-LE 12.2SG 15.2(2)E No 15.2(2)E
4500E Sup9E 3.10.0E 3.10.0E No 3.10.0E
4500E Sup8E/Sup8-LE 3.6.0E 3.6.0E No 3.6.0E
Catalyst 4500X, 4500E Sup7E/Sup7-LE 3.6.0E 3.6.0E No 3.6.0E
Catalyst 6500/E Sup720/Sup2T 15.2(1)SY 15.2(1)SY No 15.2(1)SY

Sorry, no results matched your search criteria(s). Please try again.

Additional Resources


Contact Cisco