TACACS+ allows you to use it to authenticate the use of commands, radius
only seems to allow you to log on and has no further control.
RACAL has a product called TRUSTME, which can be used for authentication
using TACACS and/or Radius. Still a little limited, but the next release
looks better on paper.
(runs on NT and uses Oracle or Sybase DB (from experience I'd use Sybase))
Mark
-----Original Message-----
From: Paul D. Robertson [mailto:[EMAIL PROTECTED]]
Sent: Friday, 12 February 1999 12:29
To: k0rz .
Cc: [EMAIL PROTECTED]
Subject: Re: Tacacs plus ver Radius
*** This E-Mail has been checked by MAILsweeper ***
On Tue, 9 Feb 1999, k0rz . wrote:
> I am trying to understand the which server would be better to use for
> Ace authentication and why so far I have found very little literature or
> web sites on this. I would really appreciate some insite into this
Though obviously biased, Cisco does have a TACAS vs. Radius document on
their Web site.
If you either switch or direct-path the host <-> auth server stuff though
it really shouldn't matter a great deal. Radius has the advantage of
multi-vendor support, tacas+ of being a "better" protocol.
There's no cut-and-dried answer, it's better to look and see which can do
what you need, and then which is less-vulnerable to attack in your
specific environment.
Paul
----------------------------------------------------------------------------
-
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
