Configuring Security Features on an External
AAA Server
The authentication, authorization, and accounting (AAA) feature verifies the identity of, grants access to, and
tracks the actions of users managing a switch. All Cisco MDS 9000 Family switches use Remote Access
Dial-In User Service (RADIUS) or Terminal Access Controller Access Control device Plus (TACACS+)
protocols to provide solutions using remote AAA servers.
Based on the user ID and password combination provided, switches perform local authentication or authorization
using the local database or remote authentication or authorization using a AAA server. A preshared secret
key provides security for communication between the switch and AAA servers. This secret key can be
configured for all AAA servers or for only a specific AAA server. This security feature provides a central
management capability for AAA servers.
This chapter includes the following sections:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
C H A P T E R
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
5
29