What email address or phone number would you like to use to sign in to Docs.com?
If you already have an account that you use with Office or other Microsoft services, enter it here.
Or sign in with:
Signing in allows you to download and like content, and it provides the authors analytical data about your interactions with their content.
Embed code for: 17.7 External Authentication Options
Select a size
17.7 External Authentication Options
External Authentication Options Section 17: Securing Administrative Access In a small network, local authentication is often used. When you have more than a few user accounts in a local device database, managing those user accounts becomes more complex. For example, if you have 100 network devices, adding one user account means that you have to add this user account on all 100 devices in the network. Also, when you add one network device to the network, you have to add all user accounts to the local device database to enable all users to access that device. The two most popular options for external authentication of users are as follows: RADIUS is an open standard with low use of CPUresources and memory. It is used by a range of network devices, such as switches, routers, and wireless devices. TACACS+ is a security mechanism that enables modular AAA services. It uses a TACACS+ daemon running on a security server. The figure shows the external authentication process: AAA commonly stands for authentication, authorization, and accounting. It refers to a security architecture for distributed systems that enables control over which users are allowed access to which services and how much of the resources they have used. 1. A host connects to the network. Any communication protocol can be used, depending on the host. 2. The network device sends a RADIUS/TACACS+ access request to the authentication server. 3. The authentication server uses an identity store to validate user credentials. 4. The RADIUS/TACACS+ response (AccessAccept or AccessReject) is sent to the network device that will apply the decision. Up Next: Configuring the Login Banner