Professional Documents
Culture Documents
AAA server
AAA server
To secure network, you have one more way that is AAA model. AAA provides complete solution.
+ Secure login (AAA server is not exposed to users and only some protocols are allowed to be sent
initially)
+ Easy management at one or some centralized servers
+ Firewalls or other security devices can be placed before AAA servers to protect them
+ Can accept or reject specific commands
+ Every command typed by users can be logged for later analysis
Disadvantages:
+ Require powerful server (to handle all the traffic and requests)
RADIUS TACACS
Transportation and UDP port 1812/1645 TCP Port 49
Port (Authentication),
1813/1646 (Accounting)
Encryption Only password Entire Payload
Standard Open Standard Cisco Proprietary now is standard.
Operation Authentication and Authentication, Authorization,
Authorization are combined into Accounting are separate.
in function. (Packet)
Logging No command logging Full command logging