TACACS.net was built from the ground up with the user in mind. It’s fast, simple, and easy to deploy.

Runs on Windows Workstation or Server

TACACS.net can be installed on a Windows Server or desktop system. Windows Server is preferred for better performance and Active Directory integration, but can also be run on a Windows desktop system with local Users and Groups, or with local static credentials configured within the system.

Pre-compiled software with installation wizard

The software does not require compiling and comes with an easy to use installation wizard to get you up and running within minutes.

No dependencies

TACACS.net software does not require any other languages or interpreters like Perl, Java, or Python. This simplifies installation and reduces complexity and troubleshooting.

Full support for the TACACS+ protocol

Supports the TACACS+ protocol defined in RFC 1492 and IETF Draft.

Seamless Active Directory Integration

Integrates seamlessly with Active Directory without requiring any additional middleware. You can create profiles based on groups or subgroups already configured in AD. Users can authenticate using their Windows username and password for Single Sign-On (SSO).

Support for Multiple Authentication Databases

TACACS.net supports multiple authentication databases including locally configured users, Active Directory, Windows Users and Groups, LDAP/LDAPS, and RADIUS.

Runs as a Windows service

Windows start/stop/reload

Granular & Flexible Policies

Policies can be set by user, IP address, subnet, IP range, wildcard, device type, hostname, shared secret, day, or time of day. Policies support regular expressions on hostnames, IP addresses, and authorization commands. Policies can also overlap, enabling the administrator to set multiple policies including fallback groups. You can even configure policies based on remote address for provisioning or privileged users.

Easy to Manage

Due to TACACS.net’s flexibility and intuitive configuration files, TACACS.net is much easier to manage than other options. The Level of Effort (LOE) to manage TACACS.net can be as little as zero staff hours per week, depending on how it is deployed and the complexity of the configuration. This translates to lower Operational Expense (OPEX) and higher Return on Investment (ROI).

High Performance

Built from the ground up for speed and stability.

Infinitely Scalable

Scales to the largest Enterprise or WAN networks. Some deployments have thousands of devices on multiple continents.

Simple Configuration

Intuitive configuration with text-based XML files.

Downloadable ACLs for authenticated users

Downloadable ACLs are supported to restrict users for VPNs and proxy authentication.

Vendor-Specific Attributes

Unlimited Vendor specific Attributes (VSAs) are supported.

TACTest Command-line testing tool

TACTest is used for testing and debugging TACACS+ servers. It can be used in stand-alone mode with or without the TACACS.net server.  It can log TACACS+ requests and responses, it is scriptable, and can be used to run performance tests against a target server. More info.

AD/LDAP Diagnostic tool

Diagnose and fix AD/LDAP configuration problems quickly and easily with our custom troubleshooting tool.

Password Encryption

DES encryption for local authentication with text files increases security. Utility included for creating encrypted passwords and shared secrets.

Multi-Factor Authentication

Includes Google Authenticator for multi-factor authentication. Utility included for creating managing shared secrets. More info.

Custom development is available

If your deployment requires a feature that is not already available in TACACS.net, tell us about the desired feature, and we will respond with a quote for custom development. Be sure to include timelines and budgetary constraints where applicable.

Windows is a registered trademark of Microsoft Corporation in the United States and other countries.