AAA, which stands for Authentication, Authorization, and Accounting, is an integral part of security functionality on the Cisco IOS Router. As the name implies, authentication verifies who the users are, authorization allows or denies what users can do after authentication, and accounting logs user activity. Because this chapter launches the discussion of Network Access Control, a detailed explanation of AAA architecture is included, as is the protocol involved with it. This discussion forms the foundation knowledge required for understanding this chapter and the following AAA chapters on Switch, Private Internet Exchange (PIX) Firewall, and the Virtual Private Network (VPN) Concentrator. AAA protocol implements the client-server model. This chapter examines the client side of the equation on the router. The chapter concludes with the best practices.