6.4. Summary

This chapter covered the AAA security model and how it can be used to control access and authentication processes for network devices. The two protocols most commonly used with the AAA model are RADIUS and TACACS+.

Though Kerberos, RADIUS, and TACACS+ perform the same functions, their origins differ: Kerberos has its roots in server networks, RADIUS grew out of dial-up user authentication, and TACACS+ grew out of network device authentication.

AAA, as it relates to VPNs, will be discussed in more detail in Chapter 7. It is important to note that while the default RADIUS protocol may have some serious security problems, many vendors offer enhanced RADIUS solutions, which will dramatically improve the security of RADIUS. That being said, these products ...
