Authentication, Authorization, Accounting


Table of Contents

What is AAA?

AAA is the abbreviation for Authentication, Authorization and Accounting terms. This mechanims provide security and some user specific steps for a user that access to the Enterprise Network. In an Enterprise Network, AAA is a very important security implementation. YOu can reach the related rfc , here.


What is the meaning of these terms? Let’s explain thse three terms and look what is the duty of each of them.

  • Authentication : Provides User verification.
  • Authorization : Determines the Services that will be provided to the specific users.
  • Accounting : Billing specific users according to their usage.



The three terms that build AAA are basically like above.


To implement AAA (Authentication, Authorization and Accounting)in a system, there are some Protocols. In Cisco devices, AAA implementation can be done with two Protocols. One of them is standard, the other is Cisco proprietary.These are :


Now let’s explain each of the terms used in AAA. With this explanationi you will understand AAA, better.


As all network, Enterprise Networks need to be secure. Access to these networks from any place is restricted except specific users. These users are the employees of an Enterprise, technicians, engineers, human resources experts, sales representatives, managers etc. Each of these people neds to access Enterprise Network. But, accessing without any mechanims is not a Secure way to connect a network. So, before allowing users to access the network, users must be checked. This mechanims is Authentication.
Authenticaion means that “Who are you? And What is your key?”.


In Authentication, user profiles are stored. In these profiles, user’s “username” and “password” are stored. According to these information, they are accepted to the network. It is basically an identity validation.
There are three modes of Authentication. These modes are:

  • None Authentication
  • Local Authentication
  • Remote Authentication

Lesson tags: AAA
Back to: CCNP Enterprise 350-401 ENCOR > Device Access Control

Leave a Reply

Your email address will not be published. Required fields are marked *

CCNP Enterprise 350-401 ENCOR