what is RADIUS and TACACS+ in your own words.

Hi;

What is RADIUS and TACACS+ in your own words? What are they used for? And Where? No wikipedia please.

Br.
LVL 12
jazzIIIloveAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Michael-BestCommented:
For an excellent explanation please refer to the techexams.net post by Darril Gibson
Link:
 http://www.techexams.net/forums/security/48766-what-difference-between-tacacs-radius.html
Kanti PrasadCommented:
Sorry Wolfe -- I was just trying to help and I did not know that there will be such objection.

 jazzIIIlove : Here is some info which I am writing with my own understanding and I hope you will find it useful.

 TACACS+ and RADIUS (RFC 2865 - Spec) are Security Protocols of Cisco to control access into networks.

RADIUS is an access server that uses AAA protocol. It secures remote access to networks and network services against unauthorized access. RADIUS has a client, a server and a protocol with a frame format that utilizes User Datagram Protocol (UDP)/IP. RADIUS uses UDP which is best effort transport.RADIUS encrypts only the password in the access-request packet, from the client to the server. The remainder of the packet is unencrypted, RADIUS does not multiprotocol protocols ((ARA,NetBIOS , NASI & •X.25 PAD ). RADIUS Request for Comments (RFCs) does not guarantee interoperability.RADIUS does not allow users control on routers. RADIUS combines authentication and authorization hence in router management it cannot decouple authentication, exec authorization, command authorization, exec accounting, and command accounting.

TACACS+ protocol has independent authentication, authorization, and accounting (AAA) architecture that is designed to support growing security markets, It uses TCP which is connection oriented transport.TACACS+ encrypts the entire body of the packet but leaves a standard TACACS+ header. TACACS+ offers multiprotocol support(ARA,NetBIOS , NASI & •X.25 PAD ). TACACS+ allows control on routers.TACACS+ decouples  authentication and authorization hence  in router management it can decouple authentication, exec authorization, command authorization, exec accounting, and command accounting.
jazzIIIloveAuthor Commented:
Hi;

Thanks any fundamental difference between them?

Also are those protocols used by ISPs? Where is their place in OSI layer?

Best regards.
Kanti PrasadCommented:
Hi JazzIIIlove


Both are used in dial in environments to help clients to authenticate with ISP for an internet connection.

The flow is Network access server (the Radius\TACACS client) connects to the Radius or TACACS server within a Windows or Linux system and as it Establishes connections between devices and applications it needs to reside in the Session Layer.

Radius is cheap and is an open source ( sorry not a cisco one) with limited functionality and TACACS+ is a Cisco proprietary protocol and is expensive but has good control over security.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Miscellaneous

From novice to tech pro — start learning today.