1-7
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 1 Overview
AAA Server Functions and Concepts
TACACS+
Cisco Secure ACS conforms to the TACACS+ protocol as defined by Cisco
Systems in draft 1.77. For more information, refer to the Cisco IOS software
documentation or Cisco.com (http://www.cisco.com).
RADIUS
Cisco Secure ACS conforms to the RADIUS protocol as defined in draft April
1997 and in the following Requests for Comments (RFCs):
• RFC 2138, Remote Authentication Dial In User Service
• RFC 2139, RADIUS Accounting
• RFC 2865
• RFC 2866
• RFC 2867
Table 1-1 TACACS+ and RADIUS Protocol Comparison
Point of Comparison TACACS+ RADIUS
Transmission Protocol TCP—connection-oriented
transport layer protocol, reliable
full-duplex data transmission
UDP—connectionless transport layer
protocol, datagram exchange without
acknowledgments or guaranteed
delivery
Ports Used 49 Authentication and Authorization:
1645 and 1812
Accounting: 1646 and 1813
Encryption Full packet encryption Encrypts only passwords up to 16
bytes
AAA Architecture Separate control of each service:
authentication, authorization, and
accounting
Authentication and authorization
combined as one service
Intended Purpose Device management User access control
To Next Page
Loading...
