TACACS+ Overview

tacacs-messaging

TACACS+ Overview

TACACS+ (Terminal Access Controller Access-Control System) is a AAA protocol that is developed by Cisco. After a while TACACS+ has became a standard protocol that is supported by all vendors.

The main duty of TACACS+ is providing device administration. It can also used for netwok access. With TACACS+, network administrators are authenticated to log in the network devices like router, switches, firewalls, etc. in the network.

TACACS+ provide a full packet encryption. RADIUS encrypts only passwords. This makes TACACS+ more secure than RADIUS.

Other AAA Articles:

Authentication, Authorization, Accounting – AAA Overview
Authentication, Authorization, Accounting – AAA Protocols
Authentication, Authorization, Accounting – RADIUS Overview
Authentication, Authorization, Accounting – TACACS+ Overview
Authentication, Authorization, Accounting – Huawei AAA Configuration

TACACS+ is also a Client/Server protocol. For different duties (Authenticaiton , Authorization, Accounting ), different messages are used between TACACS+ Server and TACACS+ Client.

TACACS+ uses TCP (Transmission Control Protocol) as a Trasnport Protocol. The TCP Port that is used for TACACS+ is 49.

TACACS+ provide a separata AAA ( Authentication, Authorization, Accounting). This is not separate in RADIUS. In Radius, Authentication and Authorization is combined. Only Accounting is separate.

TACACS+ uses command logging. With TACACS+, we can determine that which user enter which command. This is especially very useful for troubleshooting issues.

There are 15 privilege levels used with TACACS+.

TACACS+ has three steps messaging. As we have talked about before, TACACS+ has separate pahases for Authentication , Authorization and Accounting. These pahases are:

• Authentication
• Authorization
• Accounting

For these phases, request and reply messages are sent between TACACS+ Client and TACACS+ Server.


tacacs-messaging

Other AAA Articles:

Authentication, Authorization, Accounting – AAA Overview
Authentication, Authorization, Accounting – AAA Protocols
Authentication, Authorization, Accounting – RADIUS Overview
Authentication, Authorization, Accounting – TACACS+ Overview
Authentication, Authorization, Accounting – Huawei AAA Configuration

Leave a Reply