- TACACS+
In computer networking, TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.
History
TACACS+ is based on
TACACS , but, in spite of its name, it is an entirely new protocol which is incompatible with any previous version of TACACS. TACACS+ andRADIUS have generally replaced the earlier protocols in more recently built or updated networks, although TACACS and XTACACS are still running on many older systems.Authentication, Authorization and Accounting (AAA)
Whereas RADIUS combines authentication and authorization in a user profile, TACACS+ separates the two operations. Another difference is that TACACS+ uses the
Transmission Control Protocol (TCP) while RADIUS uses theUser Datagram Protocol (UDP). Most administrators recommend using TACACS+ because TCP is seen as a more reliable protocol.The extensions to the TACACS+ protocol provide for more types of authentication requests and more types of response codes than were in the original specification.
Protocol details
TACACS+ utilizes TCP port 49. It consists of three separate protocols, which can, if desired, be implemented on separate servers. [ [http://www.cisco.com/warp/public/614/7.html Cisco - TACACS+] ]
TACACS+ offers multiprotocol support, such as IP and AppleTalk. Normal operation fully encrypts the body of the packet for more secure communications. It is a Cisco proprietary enhancement to the original TACACS protocol.
TACACS+ uses APPLE and NETBIOS for operation.
ee also
References
External links
* [http://tools.ietf.org/html/draft-grant-tacacs-02 Cisco's TACACS+ RFC draft]
* http://www.shrubbery.net/tac_plus/
* http://www.gazi.edu.tr/tacacs Database supported tacacs+
* http://rubyforge.org/projects/tacacs-plus/ A pure Ruby implementation of TACACS+
Wikimedia Foundation. 2010.
