News Release

Cisco Announces Advanced Security Access Control Servers

CiscoSecure Family Expands with Advanced Features and New Products
Apr 15, 1997

SAN JOSE, Calif.-April 15, 1997- Cisco Systems, Inc. today extended itsenterprise-wide security initiative with the release of the CiscoSecure(TM)access control server (ACS) 2.0 for UNIX. CiscoSecure ACS 2.0 integrates advancednew features that include token card authentication, a multiuser Web-based JAVAGraphical User Interface (GUI) and full relational database support for storageof user and group profile information. Cisco is also announcing today CiscoSecureEasyACS 1.0, an entry-level access control server for Windows NT environments.

Summer 1997 releases of the CiscoSecure for both UNIX and Windows NTplatforms will include full support for the Remote Authentication Dial-In UserService (RADIUS) security protocol. CiscoSecure access control servers supportingboth the TACACS+ and RADIUS protocols will enable security administrators toefficiently deploy Cisco IOS(TM) security services across multivendor hardwareenvironments. Cisco IOS software is a platform that delivers network services andenables networked applications.

CiscoSecure ACS 2.0 integrates into the identity phase of the enterprise-widesecurity initiative and is used to authenticate users and determine whichinternal networks and services they may access. By authenticating users against adatabase of user and group profiles, the access control server effectivelysecures private enterprise and service provider networks from unauthorizedaccess.

CiscoSecure ACS 2.0, the second major release of CiscoSecure, deliversenhanced performance, compatibility and scalability. CiscoSecure EasyACS isdesigned to deliver basic security functions to branch office and start-up ISPenvironments. EasyACS leverages the easy-to-use Windows NT environment duringinstallation and ongoing Web-based management.

"As our network continues to expand and become increasingly sophisticated, itbecomes more and more challenging to administer security services across theentire network infrastructure," said Sally Grant, assistant vice president ofNetwork Development and Sustainment at USAA. "With CiscoSecure ACS 2.0, we cancontrol who is authorized to dial in, which services they may access, and whichsecurity services to administer."

CiscoSecure ACS 2.0 for UNIX

CiscoSecure ACS 2.0 incorporates a new, multiuser, Web-based JAVAconfiguration and management tool that simplifies server administration andenables multiple system administrators to simultaneously manage security servicesfrom multiple locations. The GUI supports Microsoft and Netscape Web browsers,providing multiplatform compatibility and offering secure administration via theindustry-standard Secure Sockets Layer (SSL) communication mechanism. Token cardsfrom CRYPTOCard, Secure Computing Corporation and Security Dynamics Technologiesare now fully supported. Token cards are the strongest method used today toauthenticate users dialing in and prevent unauthorized users from accessingproprietary information. CiscoSecure ACS 2.0 now supports industry-leadingrelational database technologies from Sybase Inc. and Oracle Corporation.Traditional scalability, redundancy and non-distributed architecture limitationsare removed with the integration of relational database technologies such asSybase's SQL Anywhere. Storage and management of user and group profileinformation is greatly simplified.

Additional features included in CiscoSecure ACS 2.0 include an automaticaccount disable for the prevention of brute force attacks and a server attributecalled Maxsessions that limits the number of login sessions or ISDN B channelsrequired for a user or a Virtual Private Dial Network (VPDN) profile.

CiscoSecure EasyACS

CiscoSecure EasyACS is an entry-level access control server that operates onWindows NT servers. It enables user authentication against an NT user database oran EasyACS database file in addition to providing fundamental authorization andaccounting. EasyACS is ideally suited to branch office environments where minimaltechnical support is available and in start-up ISP environments where servicesmust be deployed quickly and cost-effectively. EasyACS delivers basicauthentication, authorization, and accounting security functions and will beincluded at no additional charge with all Cisco dial access servers as part of acomplete dial access solution. EasyACS is also managed with an easy-to-useWeb-based GUI.

In addition to protecting networks from unauthorized access, the CiscoSecurefamily of products are used control access to the configuration of Cisco routersand Internet access through Cisco firewalls. CiscoSecure products are the mostscalable way to deploy Cisco IOS security services and control access indynamically changing and growing network environments.

"As Cisco continues to build momentum in dial access networks with new dialplatforms, access control and security now play an increasingly important role,"said Kevin Kennedy, vice president and general manager of the Access BusinessUnit at Cisco Systems. "With CiscoSecure 2.0, CiscoSecure EasyACS, and supportfor RADIUS and TACACS+ security protocols, security administrators can noweffectively deploy Cisco IOS security services from multiple locations, acrossmultiple vendor platforms, with an easy to use Web-based interface."

Cisco Systems

Cisco Systems, Inc. (NASDAQ: CSCO)is the worldwide leader in networking for the Internet. News and information areavailable at

# # #

Cisco IOS and Cisco Systems are trademarks, and Cisco and the Cisco logoare registered trademarks of Cisco Systems, Inc. All other trademarks, servicemarks, registered trademarks or registered service marks mentioned in thisdocument are the property of their respective owners.