Cisco 350 Series Administration Manual page 461

17
Configuring TACACS+
318
• RADIUS
• Port Security
• 802.1X Authentication
Protection from other network users is described in the following sections. These are attacks
that pass through, but are not directed at, the device.
• Denial of Service Prevention
• SSL Server
• Storm Control
• Port Security
• IP Source Guard
• ARP Inspection
• Access Control
• First Hop Security
An organization can establish a Terminal Access Controller Access Control System
(TACACS+) server to provide centralized security for all of its devices. In this way,
authentication and authorization can be handled on a single server for all devices in the
organization.
The device can act as a TACACS+ client that uses the TACACS+ server for the following
services:
• Authentication—Provides authentication of users logging onto the device by using
usernames and user-defined passwords.
• Authorization—Performed at login. After the authentication session is completed, an
authorization session starts using the authenticated username. The TACACS+ server
then checks user privileges.
• Accounting—Enable accounting of login sessions using the TACACS+ server. This
enables a system administrator to generate accounting reports from the TACACS+
server.
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
Security
Configuring TACACS+