Summary


TACACS+ is a proprietary protocol implemented by Cisco Systems to facilitate the AAA model in Cisco devices. It is one of a number of choices available for AAA communication between an AAA client and AAA server. TACACS+ is TCP based and separates each function of authentication, authorization, and accounting.

RADIUS is an IETF-standardized protocol that is also implemented in Cisco devices to facilitate the AAA model communications between an AAA server and AAA client. RADIUS uses UDP as its transport protocol and relies on the protocol itself to resend and recover from lost or missing data. RADIUS does not separate authentication and authorization; however, it does separate accounting. RADIUS typically provides more complete accounting capabilities than TACACS+.

As you continue implementing a secure network using AAA, you are often faced with the decision of which protocol to use. In some situations, you have no option. As you proceed though this book, keep in mind the functions of these protocols as you implement them in chapters to come.




Cisco Access Control Security(c) AAA Administrative Services
Cisco Access Control Security: AAA Administration Services
ISBN: 1587051249
EAN: 2147483647
Year: 2006
Pages: 173

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net