The Firewall Feature Set also offers an Authentication Proxy server that allows administrators to apply security policies on a per-user basis. Users are authorized on the basis of their individually assigned user policy and access privileges.
Users can log into the network or access the Internet via HTTP
Their specific access profiles are automatically retrieved and applied from a CiscoSecure ACS or other RADIUS, or TACACS+ authentication server.