Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
IS ACS EASY TO SET UP w/ Win2K and PIX??
- Thread starter gman10
- Start date
HI.
I've never used CSACS in production, but here is what I know/think.
The main features it gives you are access control per user.
So if you wish to define a company policy which gives several users only http access, and opens other ports for other users, it might be a good option.
You should note the CSACS does not do URL filtering nor content filtering.
So, if you do not need this kind of control and all internal users will have the same policy for outbound connections, then no need for it.
CSACS can also be used to authenticate inbound connections and to control access of incoming connections.
If you do need the options to control outbound access, you can either use CSACS or other products, including some proxy servers - some of them can give you more options like content filtering.
CSACS is not plug and play - you need to know what you want to do, then you need to configure both the pix and the CSACS server. It is not so dificult once you have the basic knowledge and there is GUI interface, but it is not something like just run SETUP.EXE and press enter.
In general (but depending on your needs), I think that purchasing a proxy server, content filters and/or dedicated VPN server can give you more options for your money.
Bye
Yizhar Hurwitz
I've never used CSACS in production, but here is what I know/think.
The main features it gives you are access control per user.
So if you wish to define a company policy which gives several users only http access, and opens other ports for other users, it might be a good option.
You should note the CSACS does not do URL filtering nor content filtering.
So, if you do not need this kind of control and all internal users will have the same policy for outbound connections, then no need for it.
CSACS can also be used to authenticate inbound connections and to control access of incoming connections.
If you do need the options to control outbound access, you can either use CSACS or other products, including some proxy servers - some of them can give you more options like content filtering.
CSACS is not plug and play - you need to know what you want to do, then you need to configure both the pix and the CSACS server. It is not so dificult once you have the basic knowledge and there is GUI interface, but it is not something like just run SETUP.EXE and press enter.
In general (but depending on your needs), I think that purchasing a proxy server, content filters and/or dedicated VPN server can give you more options for your money.
Bye
Yizhar Hurwitz
- Thread starter
- #3
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question