AAA is a necessity for all networks. At the very minimum, you need to implement a AAA scheme that allows you to implement stringent access control for the administrative sessions on your network devices. In addition, AAA enables you to provide granular management access through the use of authorization, which allows you to break away from the all-or-nothing administration that is so prevalent on today s networks. You can specify read-only or diagnostic commands for some users, while allowing other users less restrictive access. You can then verify the use and function of your AAA implementation by configuring accounting, allowing you to determine who did what and when they did it.
AAA is about more than just managing administrative access to your network devices, however. Through the use of 802.1x port authentication, you can also control who can physically connect to your network by ensuring that they have to authenticate before they are granted access to network services and resources.