Cisco Systems 3.3 Manual De Usuario
1-7
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 1 Overview
AAA Server Functions and Concepts
TACACS+
Cisco Secure ACS conforms to the TACACS+ protocol as defined by Cisco
Systems in draft 1.77. For more information, refer to the Cisco IOS software
documentation or Cisco.com (
Systems in draft 1.77. For more information, refer to the Cisco IOS software
documentation or Cisco.com (
RADIUS
Cisco Secure ACS conforms to the RADIUS protocol as defined in draft April
1997 and in the following Requests for Comments (RFCs):
1997 and in the following Requests for Comments (RFCs):
•
RFC 2138, Remote Authentication Dial In User Service
•
RFC 2139, RADIUS Accounting
•
RFC 2865
•
RFC 2866
•
RFC 2867
Table 1-1
TACACS+ and RADIUS Protocol Comparison
Point of Comparison
TACACS+
RADIUS
Transmission Protocol
TCP—connection-oriented
transport layer protocol, reliable
full-duplex data transmission
transport layer protocol, reliable
full-duplex data transmission
UDP—connectionless transport layer
protocol, datagram exchange without
acknowledgments or guaranteed
delivery
protocol, datagram exchange without
acknowledgments or guaranteed
delivery
Ports Used
49
Authentication and Authorization:
1645 and 1812
1645 and 1812
Accounting: 1646 and 1813
Encryption
Full packet encryption
Encrypts only passwords up to 16
bytes
bytes
AAA Architecture
Separate control of each service:
authentication, authorization, and
accounting
authentication, authorization, and
accounting
Authentication and authorization
combined as one service
combined as one service
Intended Purpose
Device management
User access control