Friday, May 25, 2012

AAA: AUTHENTICATION

  • AAA refers to a variety of common security features.
  • AAA: Authentication, Authorization & Accounting
  • The strongest authentication methods to protect the CLI are:
      • TACACS+ 
      • RADIUS server 
  • The Cisco Secure Access Control Server (ACS) 
    • It is a Cisco Systems software product
    • It can be installed on Unix, Linux & several Windows platforms.
    • It holds a set of usernames & passwords used for authentication
  • Routers & switches send the usernames & passwords entered by users to the server in an encrypted manner.


| | RADIUS | TACACS+ |
|---|---|---|
| Scope of encryption: packet payload or just the password | Password only | Entire payload |
| Layer 4 protocol | UDP | TCP |
| Well-known port / IOS default port used for authentication | 1812/1645 | 49/49 |
| Standard or Cisco proprietary | RFC 2865 | Proprietary |