Unified Access Manager provides built-in and pre-integrated TACACS+ and RADIUS servers that provide AAA (Authentication, Authorization and Accounting) services for network infrastructure and also extends authentication, single-sign-on capabilities and policy configurations of Active Directory to network infrastructure.

With countless network devices to manage, organization’s IT departments need to implement policies to determine and control who can log in to manage each device, what operations they can run, and log all actions. Security incidents or errors that result in loss of service and network downtime can easily occur while managing these policies separately on each device. As compliance requirements and security standards require using standardized tools to centralize authentication for administrative management, many IT departments choose to use AAA (Authentication, Authorization and Accounting) protocols, RADIUS or TACACS+ to address these issues, as these protocols enable the organization to have all network devices managed by a single platform.

Benefits

• Native built-in TACACS+ and RADIUS servers support, no need for additional platform to replace aging Cisco ACS servers.
• Stand-alone AAA solution and support for RADIUS and TACACS+ protocols.
• Platform supports configuration of custom AVP (Attribute Value Pair).
• Highly scalable. Supports up to 250,000 devices in a single instance.
• TACACS+ includes per-command authorization and logging.
• TACACS+ protocol is supported by most enterprise and carrier-grade devices.
• Policies can be easily configured by user, IP address, subnet, IP range, device type, location, or time of day.
• Central management for authorization of configuration.
• Log users onto network devices using their Active Directory (AD) usernames and passwords, without additional infrastructure or password synchronization requirements, simplifying administration.
• Extend Active Directory group policies to network infrastructure and support compliance with regulations including GDPR, ISO 27001, SOX, HIPAA, PCI.
• Silently log and manage sessions, without impacting user experience.
• Centralized visibility of all user sessions and executed commands in searchable, indexed human readable format.
• Enable 2FA for network infrastructure, in combination with Ironsphere’s built-in MFA Manager.
• Open protocol based, no vendor lock-in, supporting virtually all network devices.
• Centralized management and view of access privileges.