AAA

The CiscoSecure Access Control Server (CSACS) is available on UNIX and Windows platforms. It provides a network with AAA capabilities. A Java-based Web tool allows multiple administrators.

AAA stands for authentication, authorization, and accounting.

CSACS has three components: client, server, and database.

Terminal Access Controller Access Control System (TACACS+) is a Cisco-proprietary protocol for use with the CSACS. It uses TCP/IP, encrypts all data, and allows multiple levels of authorization, and it can use other methods of authentication such as Kerberos.

Remote Authentication Dial-In User Service (RADIUS) is an open Internet Engineering Task Force (IETF) standard. It uses User Datagram Protocol (UDP) and encrypts only passwords. It also combines authentication and authorization as a single service; they are not separated as with TACACS+.

In packet mode, also known as interface mode, the data passes through the router from one network to another through such ports as async, Basic Rate Interface (BRI), Primary Rate Interface (PRI), serial, and dialer interfaces.

In character mode or line mode, the data is destined to the router to a TTY, VTY, aux, or con port, most likely for configuration and maintenance reasons.

When you turn on authentication using the default group, it is applied to all interfaces.