Tacacs, Radius, Table 1-1 – Cisco 3.3 User Manual


User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 1 Overview

AAA Server Functions and Concepts

TACACS+

Cisco Secure ACS conforms to the TACACS+ protocol as defined by Cisco
Systems in draft 1.77. For more information, refer to the Cisco IOS software
documentation or Cisco.com (http://www.cisco.com).

RADIUS

Cisco Secure ACS conforms to the RADIUS protocol as defined in draft April
1997 and in the following Requests for Comments (RFCs):

RFC 2138, Remote Authentication Dial In User Service

RFC 2139, RADIUS Accounting

RFC 2865

RFC 2866

RFC 2867

Table 1-1 TACACS+ and RADIUS Protocol Comparison

| Point of Comparison | TACACS+ | RADIUS |
|---|---|---|
| Transmission Protocol | TCP—connection-oriented transport layer protocol, reliable full-duplex data transmission | UDP—connectionless transport layer protocol, datagram exchange without acknowledgments or guaranteed delivery |
| Ports Used | 49 | Authentication and Authorization: 1645 and 1812; Accounting: 1646 and 1813 |
| Encryption | Full packet encryption | Encrypts only passwords up to 16 bytes |
| AAA Architecture | Separate control of each service: authentication, authorization, and accounting | Authentication and authorization combined as one service |
| Intended Purpose | Device management | User access control |
