This chapter discussed the ways you can implement security using either the TACACS+ protocol or the RADIUS protocol. Using a TACACS+ server or a RADIUS server, you can verify the identity of a user with AAA authentication. Also, you can not only centrally manage user credentials (username and password), but you can also centrally configure and manage the permissions that are assigned to a user through the use of AAA authorization. You are surely aware of the importance of change control and logging user activity. Using AAA accounting, you can track and log what a user does and for how long the user does it when accessing network resources. |