IHMO, both points you made aren't really applicable to what you're asking.
You're asking if you should use CiscoSecure on NT for AAA, and I'd say fine, go for it. Here's why I discount what your friend said: 1) Security holes, security schmoles. You're not wanting to use NT as a firewall or WWW/FTP server in the DMZ, and the fact is, you should have a firewall that's NATing (or at least a router that's NATing) you to any outside network (internet or other company's private network), so the only security threats would be from internal sources (not to discount that, but again it's not like every hacker wannabe from the internet will have access to this box). If you want, you can even put an access list on the router that would be this boxes gateway and restrict traffic going to this box to only TACACS. BAM! Done! 2) NT4/2000 are as stable as it needs to be for doing AAA. I mean, we're not talking about a server that's going to be doing many complex things at once (WWW/DNS, CGI-BIN, scripts, etc). It will run ONE thing, CiscoSecure. Stability shouldn't be a problem. And the fact is, for (way) under $1,000 you can setup a second server running CiscoSecure, then in your TACACS setup on the devices, simply point to both servers in case one fails. Again, BAM! Done! My 2 cents =) Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41443&t=41440 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
