Monday, 2 November 2009

Network Security Part 9 TACACS+ & AAA.


In computer networking, TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.

TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous version of TACACS. TACACS+ and RADIUS have generally replaced the earlier protocols in more recently built or updated networks, although TACACS and XTACACS are still running on many older systems.

TACACS+ Server.

Authentication, Authorization and Accounting (AAA):
Whereas RADIUS combines authentication and authorization in a user profile, TACACS+ separates the two operations. Another difference is that TACACS+ uses the Transmission Control Protocol (TCP) while RADIUS uses the User Datagram Protocol (UDP). Most administrators recommend using TACACS+ because TCP is seen as a more reliable protocol.

The extensions to the TACACS+ protocol provide for more types of authentication requests and more types of response codes than were in the original specification.

No comments:

Post a Comment