AAA
Authentication-
It’s providing username &
password to user, so they can login on server or devices of that organization.
Authenticate individually users can access in network resource.
Authorization-
Allowing specific network resource to
users, the service of user can be Read access or Write access.
Accounting-
Its process to keep a track of Users, In
accounting we can check & monitor what user has done.
RADIUS vs TACACS
RADIUS
|
TACACS
|
Its Open standard
|
Its cisco proprietary
|
Its use UDP as transport layer
|
Its is TCP as transport layer
|
It combines Authentication and
Authorization
|
It seperate Authentication, Authorization,
and Accounting
|
UDP port nos use 1812 for authentication
and authorization and 1813 for accounting
|
TCP port nos use 49
|
Only the password are encrypted
|
All the AAA packets are encrypted
|
Cisco ISE is use.
|
Cisco ACS is use.
|
Its use for network access
|
Its is use for device Administration.
|
Good one!!
ReplyDelete