Security
40
System Management Guide
3HE 11018 AAAC TQZZA Edition: 01
3.7 Setting Up Security Attributes
Table 4 depicts the capabilities of authentication, authorization, and accounting
configurations. For example, authentication can be enabled locally and on RADIUS
and TACACS+ servers. Authorization can be executed locally, on a RADIUS server,
or on a TACACS+ server. Accounting can be performed on a RADIUS or TACACS+
server.
3.7.1 Configuring Authentication
Refer to the following sections to configure authentication:
• Local authentication
− Configuring Password Management Parameters
− Configuring Profiles
− Configuring Users
• RADIUS authentication (with local authorization)
By default, authentication is enabled locally. Perform the following tasks to
configure security on each participating 7705 SAR router:
− Configuring Profiles
− Configuring RADIUS Authentication
− Configuring Users
• RADIUS authentication (with RADIUS authorization)
To implement RADIUS authentication with authorization, perform the following
tasks on each participating 7705 SAR router:
− Configuring RADIUS Authentication
− Configuring RADIUS Authorization
Table 4 Security Configuration Requirements
Authentication Authorization Accounting
Local Local None
RADIUS Local and RADIUS RADIUS
TACACS+ Local and TACACS+ TACACS+
To Next Page
Loading...
