Sunday, January 30, 2022

Week 7 Posting - Genesis Perez

AAA and Network Security

AAA is primarily concerned with controlling access: who is authorized to gain access to a specific network. In the authentication session, a computer must present credentials such as a username and password. Security tokens can also be used for authentication. If the credentials pass this session, the process moves on to the authorization session, in which the computer must abide by policies that determine which resources and services it is allowed to access. These may include limits on bandwidth, applications, and the times at which access is permitted. Lastly, the accounting session focuses on auditing or monitoring the time and data resources being used, which includes logging data traffic and bandwidth usage (Meyers, 2018, pp. 371-372). To support this security philosophy, two standards were developed: RADIUS and TACACS+.

One of the standards for AAA is RADIUS, which stands for Remote Authentication Dial-In User Service. This standard was created to help ISPs connect a vast number of computers and modems to a centralized database. The three kinds of devices that operate within a RADIUS session are the RADIUS server, several network access servers (NASs), and a group of systems that are trying to connect to the network. Microsoft uses Internet Authentication Service (IAS) whereas Linux uses FreeRADIUS (Meyers, 2018, pp. 372-373).

The second standard for AAA was developed by Cisco to support multiple routers and switches working in a network. Cisco called it Terminal Access Controller Access Control System Plus (TACACS+). The more machines are involved, the more chaotic and complex the network may be to maintain and monitor. That is where TACACS+ comes in to make sure the network runs smoothly. Unlike RADIUS, TACACS+ uses TCP port 49 by default and separates AAA into various parts (Meyers, 2018, p. 373).
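The RADIUS exchange between a NAS and the RADIUS server described above, as an added example that is not from the original post or the textbook. It follows the RFC 2865 packet layout and User-Password hiding; the function names, the in-memory `users` dictionary and the sample credentials are assumptions constructed for illustration.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3   # RFC 2865 packet codes
USER_NAME, USER_PASSWORD = 1, 2                          # RFC 2865 attribute types

def _hide(data, secret, authenticator, decrypt):
    """RFC 2865 5.2 User-Password hiding: XOR each 16-byte block with
    MD5(secret + previous ciphertext block), seeded by the Request Authenticator."""
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        pad = hashlib.md5(secret + prev).digest()
        res = bytes(a ^ b for a, b in zip(block, pad))
        out += res
        prev = block if decrypt else res     # always chain on the ciphertext
    return out

def build_access_request(user, password, secret, ident):
    """NAS side: pack the user's credentials into an Access-Request."""
    authenticator = os.urandom(16)
    pw = password.encode()
    pw = pw.ljust(max(16, (len(pw) + 15) // 16 * 16), b"\x00")  # pad to 16-byte blocks
    hidden = _hide(pw, secret, authenticator, False)
    attrs = b""
    for typ, val in ((USER_NAME, user.encode()), (USER_PASSWORD, hidden)):
        attrs += struct.pack("!BB", typ, len(val) + 2) + val
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + authenticator + attrs

def handle_request(packet, secret, users):
    """RADIUS server side: parse attributes, recover the password, answer Accept or Reject."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    authenticator, attrs, pos = packet[4:20], {}, 20
    while pos + 2 <= min(length, len(packet)):
        typ, alen = packet[pos], packet[pos + 1]
        if alen < 2:
            break                            # malformed attribute: stop parsing
        attrs[typ] = packet[pos + 2:pos + alen]
        pos += alen
    user = attrs.get(USER_NAME, b"").decode(errors="replace")
    clear = _hide(attrs.get(USER_PASSWORD, b""), secret, authenticator, True).rstrip(b"\x00")
    ok = (code == ACCESS_REQUEST and user in users
          and hmac.compare_digest(clear, users[user].encode()))
    header = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, 20)
    # Response Authenticator = MD5(Code + ID + Length + Request Authenticator + Secret)
    return header + hashlib.md5(header + authenticator + secret).digest()

def reply_accepted(reply, request, secret):
    """NAS side: trust the reply only if its authenticator proves knowledge of the secret."""
    expected = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + secret).digest()
    return (reply[1] == request[1] and hmac.compare_digest(expected, reply[4:20])
            and reply[0] == ACCESS_ACCEPT)
```

The packets here are passed between the functions in memory; a NAS whose shared secret does not match the server's produces a password that decodes to garbage and is rejected.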

References

Meyers, M. (2018b). CompTIA Network+ Certification All-in-One Exam Guide, Seventh Edition (Exam N10-007). McGraw-Hill Education.

 

 
