Terminal Access Controller Access-Control System Plus (TACACS+) is an Authentication, Authorization, and Accounting (AAA) protocol used to authenticate access to network devices. If we grant access to network devices based on IP address alone, any user on a system that is assigned an allowed IP address can access the network device. So we need to grant access based on username and password. But we cannot maintain a local database of usernames and passwords on every system, as that would be difficult to manage. Instead, we use an Access Control Server (ACS) that maintains a central database of the users who should be given access. We also need to track which resources an allowed user is authorized to access and how many resources are being accessed.
In other words, we need a centralized Authentication, Authorization, and Accounting (AAA) framework that handles authentication (who wants to access the resources), authorization (which resources the user is permitted to access and which operations the user can perform), and accounting (how much of the resources the user consumes during the access). TACACS+ is a protocol with which one can manage Authentication, Authorization, and Accounting (AAA).
How does the TACACS+ protocol work, and how is it different from the RADIUS protocol? In this article, we will discuss that in detail.
In this article, we will discuss:
- How does TACACS+ protocol work?
- TACACS+ Packet Format
- TACACS+ Data Obfuscation
- TACACS+ Authentication
- TACACS+ Authorization
- TACACS+ Accounting
- How is TACACS+ different from RADIUS?