Abstract
This chapter explains authentication, authorization, and accounting (AAA) mechanisms and their benefits. It also describes the Remote Access Dial In User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) security protocols. Authentication is the process of identifying and authenticating a user before allowing access to network devices and services. Authorization is the process of determining user privileges and access rights after the users are authenticated. Accounting is the process of recording user activities for accountability, billing, auditing, or reporting purposes. The benefits of implementing AAA include scalability, increased flexibility and control, standardized protocols and methods, and redundancy. Cisco PIX firewalls support the RADIUS and TACACS+ security protocols for use within an AAA mechanism. Each protocol has its advantages and disadvantages. To take advantage of AAA, one must implement and configure an AAA server. Cisco Secure Access Control Server (ACS) is AAA server software that supports both the TACACS+ and RADIUS protocols simultaneously. After installing the software, basic tasks, such as adding users and AAA clients, can be performed. Advanced tasks, such as defining downloadable access lists and command authorization sets, can also be performed. For user actions through the PIX firewall, Cisco provides a feature called cut-through proxy to support user authentication and authorization.