Cisco IOS is the best OS for Cisco routers and switches.
There are a lot of plus points of using Cisco IOS. A brief introduction about them are as follows.AAA- Cisco IOS has a lot advantages while using AAA. It can use various encryption services which also includes EAP with Radius.Firewall- You can use Cisco IOS Advance IP Services for creating Zone based firewalls on Cisco Routers.TCP Intercept- It prevents DDOS attacks quite effectively.PKI- You can use RSA keys in PKI. Also lets you use Certificates in PKI.VPN- Almost any type of VPN can be configured using IOS security. Site to site or remote. 802.1X- This facility has helped a lot of organizations and ISPs to maintain authentication for their users.
Room for Improvement:
It is very hard to find any limitations of this OS
Still when you use this as Zone based firewall you can see its limitations.
You need to restrict traffic with ACL, which is fine but you need to create too many ACLs.
Hence management of ACLs is a tedious task.
Works better with TACACS+ which is Cisco proprietary.
WAN connectivity is difficult on a router which is running IOS Security.
The best OS from my point of view in Cisco IOS is Advanced IP Services.
This OS has changed the definition of network security by using the router.
The use of VPN concentrator is coming to an end because this OS can handle any kind of VPN using the router, so no need of VPN concentrators.