Cisco whacks its Secure Access Control System

Cisco wants ACS users to move to its Identity Services Engine (ISE) products

padlock unlocked security hole flaw
Mcability (CC0)
Current Job Listings

Cisco this week this week announced the death of its Secure Access Control System – a package customers use to manage access to network resources.

Cisco said the last day customers can order the system is August 30, 2017. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers' service contract the company said. The last date that Cisco Engineering will release any final software maintenance releases or bug fixes is Aug. 30, 2018. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software, the company said.

+More on Network World: Cisco/Ericsson: Assessing the mega-deal a year later+

“The Cisco Secure Access Control System (ACS) product functionality has been implemented in the Cisco Identity Services Engine (ISE) product line. Customers with only Access Control System installations interested in migrating to ISE may purchase a migration bundle with product part number ACS-ISE-MIG-M or ACS-ISE-MIG-S, on sale until August 31, 2017. Customers who have maintained parallel installations of both ACS and ISE are able to simplify their security solution by using the functionality of their ISE installment. Customers with both ACS and ISE installations are not eligible for the migration bundles,” Cisco wrote in an announcement of the product’s end of life.

The move wasn’t surprising to some.

“Cisco's been touting ISE as the policy engine in its security portfolio for some time,” said Jim Duffy a senior analyst with 451 Research The only surprise here is that they didn't EoL ACS sooner”

+More on Network World: 20 years ago: Hot sci/tech images from 1996+

A post about the death of ACS on Reddit today elicited a number of responses – some not too flattering about accessing the ISE interface.

Cisco's Identity Services Engine , first introduced in 2011 lets IT administrators define and enforce security and access privilege policies on endpoints connected to Cisco switches and routers. Cisco says ISE can scale to up to 500,000 endpoints per deployment.

Cisco wrote too that ISE comes with a tool to help customers migrate from Cisco Secure ACS 5.6 or later to Cisco ISE Software 2.1.

“The tool will automatically migrate Cisco Secure ACS configuration data (such as user and device information and policy) to Cisco ISE, but it will not migrate monitoring and troubleshooting data. Cisco Secure ACS customers who have deployed the Cisco Network Admission Control (NAC) Guest Server and NAC Profiler will need to manually migrate guest and profiler configuration policies. Migration tools from Cisco Secure ACS 5.x to Cisco ISE are built into the Cisco ISE Software Release Software Application Support and Upgrades (SASU) contract except for monitoring and troubleshooting. For the NAC Guest Server, automatic migration is planned for Cisco ISE Software Release 2.1. For the NAC Profiler, no migration tool will be available,” Cisco said.

 Check out these other hot stories:

IBM amps-up Watson cybersecurity experiences

Big Switch adds security perimeter around SDN data center

Juniper boosts cloud analytics, machine learning tech with AppFormix buy

IBM warns of rising VoIP cyber-attacks

DARPA building space consortium to set standards for safe robotic maneuvers

Teeny sensor system lets you effectively monitor electricity usage

Spaceflight training jets, balloons create challenges for FAA

Customs gives Cisco adversary Arista green light to resume selling network gear in U.S.

Virgin Galactic, start-up Boom tout supersonic passenger plane

TSA: Keep grandma’s gravy at home but the turducken can fly

IBM: Many companies still ill-prepared for cyber attacks

Planetary scientists push for advanced asteroid deflection mission

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT