Password Protection Using Tacacs+ Authentication; Table 7: Tacacs+ Access Levels; Table 8: Enhanced Security Tacacs+ Attributes - Avaya VSP 4000 Technical Configuration Manual

5. Password Protection using TACACS+
Authentication
The VSP switch supports the Terminal Access Controller Access Control System plus (TACACS+) client.
TACACS+ provides management of users who access the switch through Telnet, console, rlogin, web
access through EDM, and SSHv1/v2 (password authentication) connections using Transmission Control
Protocol (TCP).
The TACACS+ feature uses Transmission Control Protocol (TCP) for its transport to ensure reliable
delivery of packets. TACACS+ provides security by encrypting all traffic between the switch, which acts
as the Network Access Server, and the TACACS+ server.
The VSP switch supports level 1 to 6 and level 15 as shown in the table below.
Access Level
None
Read only
Layer 1 read write
Layer 2 read write
Layer 3 read write
Read write
Read write all
Read write all
Access Level
None-Access
Auditor
Security
Operator
Privilege
Admin
Admin
March 2015

Table 7: TACACS+ Access Levels

Table 8: Enhanced Security TACACS+ Attributes

VSA Attribute 26 – Vendor Identifier 1584 Type 192 value
Avaya Inc. – External Distribution
Privilege Level
0 and 7 to 14
1
2
3
4
5
6
15
0, 4, 5, 7 to 14
1
2
3
N/A – Not allowed by TACACS+
6
15
avaya.com
56