Manualsbrain.com
  1. Manuals
  2. Brands
  3. 3com
  4. 5500-ei pwr
  5. Installation Instruction

3com 5500-ei pwr Installation Instruction

Download
Page of 1072
 
1-1 
1  
AAA Overview 
Introduction to AAA 
AAA is the acronym for the three security functions: authentication, authorization and accounting. It 
provides a uniform framework for you to configure these three functions to implement network security 
management. 
Authentication: Defines what users can access the network, 
Authorization: Defines what services can be available to the users who can access the network, 
and 
Accounting: Defines how to charge the users who are using network resources. 
Typically, AAA operates in the client/server model: the client runs on the managed resources side while 
the server stores the user information. Thus, AAA is well scalable and can easily implement centralized 
management of user information.  
Authentication 
AAA supports the following authentication methods: 
None authentication: Users are trusted and are not checked for their validity. Generally, this 
method is not recommended. 
Local authentication: User information (including username, password, and some other attributes) 
is configured on this device, and users are authenticated on this device instead of on a remote 
device. Local authentication is fast and requires lower operational cost, but has the deficiency that 
information storage capacity is limited by device hardware. 
Remote authentication: Users are authenticated remotely through RADIUS or HWTACACS 
protocol. This device (for example, a 3Com switch) acts as the client to communicate with the 
RADIUS or TACACS server. Remote authentication allows convenient centralized management 
and is feature-rich. However, to implement remote authentication, a server is needed and must be 
configured properly.  
Authorization 
AAA supports the following authorization methods: 
Direct authorization: Users are trusted and directly authorized. 
Local authorization: Users are authorized according to the related attributes configured for their 
local accounts on this device. 
RADIUS authorization: Users are authorized after they pass RADIUS authentication. In RADIUS 
protocol, authentication and authorization are combined together, and authorization cannot be 
performed alone without authentication. 
HWTACACS authorization: Users are authorized by a TACACS server. 
Accounting 
AAA supports the following accounting methods: