Cisco Systems OL-6426-02 Benutzerhandbuch
C H A P T E R
12-1
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
12
Configuring Security Features
This chapter gives an overview of authentication, authorization, and accounting (AAA), the primary
Cisco framework for implementing selected security features that can be configured on the Cisco 1800
integrated services fixed-configuration routers.
Cisco framework for implementing selected security features that can be configured on the Cisco 1800
integrated services fixed-configuration routers.
Note
Individual router models may not support every feature described throughout this guide. Features not
supported by a particular router are indicated whenever possible.
supported by a particular router are indicated whenever possible.
This chapter contains the following sections:
•
•
•
•
•
•
Each section includes a configuration example and verification steps, where available.
Authentication, Authorization, and Accounting
AAA network security services provide the primary framework through which you set up access control
on your router. Authentication provides the method of identifying users, including login and password
dialog, challenge and response, messaging support, and, depending on the security protocol you choose,
encryption. Authorization provides the method for remote access control, including one-time
authorization or authorization for each service, per-user account list and profile, user group support, and
support of IP, Internetwork Packet Exchange (IPX), AppleTalk Remote Access (ARA), and Telnet.
Accounting provides the method for collecting and sending security server information used for billing,
auditing, and reporting, such as user identities, start and stop times, executed commands (such as PPP),
number of packets, and number of bytes.
on your router. Authentication provides the method of identifying users, including login and password
dialog, challenge and response, messaging support, and, depending on the security protocol you choose,
encryption. Authorization provides the method for remote access control, including one-time
authorization or authorization for each service, per-user account list and profile, user group support, and
support of IP, Internetwork Packet Exchange (IPX), AppleTalk Remote Access (ARA), and Telnet.
Accounting provides the method for collecting and sending security server information used for billing,
auditing, and reporting, such as user identities, start and stop times, executed commands (such as PPP),
number of packets, and number of bytes.
AAA uses protocols such as RADIUS, TACACS+, or Kerberos to administer its security functions. If
your router is acting as a network access server, AAA is the means through which you establish
communication between your network access server and your RADIUS, TACACS+, or Kerberos
security server.
your router is acting as a network access server, AAA is the means through which you establish
communication between your network access server and your RADIUS, TACACS+, or Kerberos
security server.