If you didn't want to go to the website here you go.
The major differences are:
Transport Mechanism - RADIUS uses UDP TACACS+ uses TCP
Confidentiality - RADIUS encrypts only the password in the Access-Request
packet from the client to the server. The remainder of the packet is in the
clear. Other information such as username, authorized services, and
accounting could be captured by a third party, making RADIUS networks
potential targets of hackers using session capture and replay attacks.
TACACS+ encrypts the entire body of the packet but leaves a standard TACACS+
header.
Distribution of Functionality - The RADIUS protocol combines the processes
of authentication and authorization. The Access-Accept packets sent by the
RADIUS server to the client contain all the authorization information,
making separation of the authentication and authorization functions
difficult. The use of RADIUS is most appropriate when simple, single-step
authentication and authorization is required, as with most service provider
networks.
TACACS+ uses the AAA architecture, which separates authentication,
authorization, and accounting. This setup allows separate authentication
solutions that can still use TACACS+ for authorization and accounting. For
example, using TACACS+, it is possible to use Kerberos authentication and
TACACS+ authorization and accounting. After a network access server
authenticates to a Kerberos server, it requests authorization information
from a TACACS+ server without having to reauthenticate. The NAS informs the
TACACS+ server that it has successfully authenticated on a Kerberos server,
and the server then provides authorization information.
Multiprotocol Support - RADIUS has limited support for protocols other than
TCP/IP. For example, RADIUS does not natively support the following
protocols:
AppleTalk Remote Access (ARA)
NetBIOS frame protocol control
Novell Asynchronous Services Interface (NASI)
Packet assembler/disassembler (PAD) connection
These protocols are natively supported by TACACS+.
>>>Brian
>From: "David Nie" <[EMAIL PROTECTED]>
>Reply-To: "David Nie" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: what is the difference between tacas+ and radius
>Date: Fri, 22 Dec 2000 15:39:06 +0800
>
>Hi, all
>
>Could you please tell me the difference of tacas+ and radius server?
>
>--
>David Nie
>
>
>
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
