Krontech Introduces Offering for Companies Facing Cisco Access Control Server (ACS) End of Life Decisions

Dramatically better replacement than Cisco’s recommended Identity Service Engine (ISE) including: features, flexibility and financials

November 9, 2017; New York, NY:   Krontech™, a global leader in network Access Control Systems, announced today it has been implementing and continues to roll out a full-featured, full-service replacement for Cisco’s Secure Access Control System (ACS).

In December 2016, Cisco announced it will no longer support ACS, which has been a defacto industry standard for device network authentication and administration. End of life has already occurred for numerous customers and will impact the remaining in August 2018. Virtually every enterprise organization around the world is impacted by this decision and will need to decide on a plan to support TACACS+ and Radius authentication capabilities.

Cisco’s plan is to continue their traditional vendor lock-in strategy, by advising customers to upgrade to their new Identity Service Engine (ISE) which offers a complex range of options, including multiple deployment models (AAA, 802.1X, guest, BYOD, pxGrid, mobile device management) and recurring licensing agreements. The pricing methodology also limits the number of endpoints, which can either become a runaway cost model or limit the infrastructure customers are able to support using ISE.

“After spending a great deal of time with our enterprise customers and our technology partners, we confirmed that IT organizations no longer wish to be trapped by expensive, long-term contracts and complicated products, particularly when there are much smarter options,” said Orhan Yildirum, head of product management and marketing for Krontech. “Cisco’s replacement has some ACS capabilities and supports TACACS+ and Radius protocols, but is expensive and inflexible compared to our Single Connect alternative.”

In Cisco’s ACS documentation they state, “Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software.”

Cisco’s ISE solution requires the use of Cisco UCS C2220 servers (vs. Linux and other open approaches) and while they tout virtualization options, and a capacityof up to 500,000 concurrent sessions and up to 1.5 million endpoints per deployment, along with security planning and advanced support, this all comes at a high price and an approach so complex IT teams may find themselves locked in for years to come.

“Upgrading ACS to ISE is not a straightforward version upgrade but instead it is a migration from one product to another which is time consuming, resource heavy and expensive to support,” Yildirum continued. “This is why we collaborated with several of our largest customers and other technology partners to create a solution that is simpler to implement, much more scalable, and built from the ground up for virtualized networks.”

Krontech is offering a proof of concept of Single Connect, free of charge, as a replacement for ACS, based on its successful implementations already in place and underway within enterprises today. Krontech collaborates with IT teams reviewing existing ACS deployments to ensure organizational requirements are replicated and/or improved with our Single Connect replacement platform. Not only is Krontech able to dramatically reduce the total cost of ownership, we are also strengthening identity access management and privileged access management protocols throughout the organization and providing transparent and detailed pricing.

Last month, Krontech announced that GTT, one of the world’s largest enterprise network service providers, has implemented Single Connect throughout their network, replacing Cisco ACS.

In that announcement, James Karimi, senior vice president of engineering at GTT, said “We take network security very seriously, on many levels. Krontech’s Privileged Access Management solution provides an additional line of defense, with software that provides effective reporting, transparency, and control, while simplifying daily operations.”

Single Connect is a Privileged Access Management tool providing secured, centralized and automated management of passwords for administrative, service and application accounts, and the enforcement of policies. The solution includes controlled access to shared accounts, management and monitoring of privileged sessions, commands and actions in real time, and recording and reporting for compliance and audit. The software is Linux-based and easily integrates into existing management platforms, pre-integrated with the most popular email, messaging and other business applications.

About Krontech

Krontech is a software company established in 2007, and produces and integrates advanced technology software in the fields of Access Control Systems, Network Packet Brokerage, Streaming Analytics, Fast Data & Real Time Data Processing, and Next-generation Security and Audit. With cost-efficient, flexible, and tailored solutions, Krontech is a respected and proven partner, capable of supporting organizations of all sizes and in every industry. We have significant experience in protecting extremely large and complex infrastructures including many Tier-1 telecom service providers and large global enterprises. Krontech’s North American operations are headquartered in New York City with research and development facilities in Istanbul, and regional sales and support offices in Europe, Middle East and Africa, and Asia Pacific. Please visit

Contact: [email protected] for more information.