TACACS+ Protocol
TACACS+ stands for Terminal Access Controller Access Control Server. It is a security protocol similar to RADIUS and, like RADIUS, it is used in the AAA framework. It provides centralized authorization to the various types of users who need to gain access to the network.
Cisco developed the protocol for the AAA framework, which means that it can be used between a Cisco device and a Cisco ACS server. It uses TCP as its transport protocol, on TCP port 49.
Working of TACACS+ Protocol
The TACACS+ client is called the network access device (NAD), also known as the network access server (NAS). The network access device contacts the TACACS+ server to obtain the username prompt, and it does this using the CONTINUE message.
The user then enters a username, and the network access device contacts the TACACS+ server again to obtain the password prompt. The user enters the password, which is then sent to the TACACS+ server.
Advantages of TACACS+ Protocol
Now that we have understood the basics about this protocol, let’s look at some of the advantages that this protocol offers:
- It provides better control than the RADIUS protocol because it allows the network administrator to easily define which commands a user can run.
- All AAA packets are encrypted, rather than just the passwords.
- TACACS+ uses a TCP connection instead of UDP, and TCP guarantees the communication between the client and the server.
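The packet-level mechanics behind the last two points, as an added example that is not part of the original article: it follows the packet format in RFC 8907, where the 12-byte header always travels in the clear and only the body is XORed with an MD5-derived pad, which the RFC calls obfuscation rather than encryption. The key, session ID, body text and the `build_packet` helper are constructed for illustration.

```python
import hashlib
import struct

TAC_PLUS_UNENCRYPTED_FLAG = 0x01  # set when the body is sent as plain text
PACKET_TYPES = {1: "authentication", 2: "authorization", 3: "accounting"}
HEADER = struct.Struct("!BBBBII")  # version, type, seq_no, flags, session_id, length


def parse_header(packet: bytes) -> dict:
    """Decode the 12-byte header, which is never obfuscated."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated TACACS+ header")
    version, ptype, seq_no, flags, session_id, length = HEADER.unpack_from(packet)
    if version >> 4 != 0xC:
        raise ValueError("unexpected major version")
    if ptype not in PACKET_TYPES:
        raise ValueError("unknown packet type")
    if len(packet) - HEADER.size != length:
        raise ValueError("length field does not match body size")
    return {"version": version, "type": PACKET_TYPES[ptype], "seq_no": seq_no,
            "flags": flags, "session_id": session_id, "length": length}


def pseudo_pad(session_id: int, key: bytes, version: int, seq_no: int, n: int) -> bytes:
    """MD5 chain: each block hashes session_id, key, version, seq_no and the previous block."""
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, block = b"", b""
    while len(pad) < n:
        block = hashlib.md5(seed + block).digest()
        pad += block
    return pad[:n]


def body_transform(packet: bytes, key: bytes) -> bytes:
    """XOR the body with the pad; the same call obfuscates and de-obfuscates."""
    hdr = parse_header(packet)
    body = packet[HEADER.size:]
    if hdr["flags"] & TAC_PLUS_UNENCRYPTED_FLAG:
        return body
    pad = pseudo_pad(hdr["session_id"], key, hdr["version"], hdr["seq_no"], len(body))
    return bytes(a ^ b for a, b in zip(body, pad))


def build_packet(body: bytes, key: bytes, session_id: int, seq_no: int = 1, ptype: int = 1) -> bytes:
    """Hypothetical helper: frame a body and obfuscate it with the shared key."""
    clear = HEADER.pack(0xC0, ptype, seq_no, 0, session_id, len(body)) + body
    return clear[:HEADER.size] + body_transform(clear, key)


# Constructed sample values, not taken from any real device.
KEY = b"constructed-shared-secret"
BODY = b"constructed AAA body, longer than one MD5 block"
PACKET = build_packet(BODY, KEY, session_id=0x1234ABCD)
```

The pad gives confidentiality only against someone without the shared key and no integrity protection, so the management network carrying port 49 traffic still needs to be protected.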
Disadvantages of TACACS+ Protocol
- As discussed, it is Cisco proprietary, which means that it can only be used on Cisco devices.
- It has less support for accounting than RADIUS.
Network Authentication Protocols: RADIUS, TACACS+
Network authentication protocols are methods used to verify the identity of the users or devices that are trying to access a particular network. These protocols make sure that only authorized users or devices are granted access, while unauthorized users are kept out. In this article, we will look at two of the most commonly known protocols used for network authentication: RADIUS and TACACS+.